Allow turning off the httponly option (Closes RT#48930).

[catagits/Catalyst-Plugin-Session-State-Cookie.git] / lib / Catalyst / Plugin / Session / State / Cookie.pm

diff --git a/lib/Catalyst/Plugin/Session/State/Cookie.pm b/lib/Catalyst/Plugin/Session/State/Cookie.pm
index 9f31965..0c26490 100644 (file)
--- a/lib/Catalyst/Plugin/Session/State/Cookie.pm
+++ b/lib/Catalyst/Plugin/Session/State/Cookie.pm
@@ -1,15 +1,15 @@
 package Catalyst::Plugin::Session::State::Cookie;
-use base qw/Catalyst::Plugin::Session::State Class::Accessor::Fast/;
+use Moose;
+use namespace::autoclean;
 
-use strict;
-use warnings;
+extends 'Catalyst::Plugin::Session::State';
 
 use MRO::Compat;
 use Catalyst::Utils ();
 
-our $VERSION = "0.12";
+our $VERSION = "0.13";
 
-BEGIN { __PACKAGE__->mk_accessors(qw/_deleted_session_id/) }
+has _deleted_session_id => ( is => 'rw' );
 
 sub setup_session {
     my $c = shift;
@@ -77,8 +77,8 @@ sub make_session_cookie {
     $cookie->{secure} = 1 unless ( ($sec==0) || ($sec==2) );
     $cookie->{secure} = 1 if ( ($sec==2) && $c->req->secure );
 
-    my $hto = $cookie->{httponly} || 1; # default = 1 (set httponly)
-    $cookie->{httponly} = 1 unless ($hto==0);
+    $cookie->{httponly} = 1
+        unless exists $cookie->{httponly}; # default = 1 (set httponly)
 
     return $cookie;
 }