( $cfg->{cookie_domain} ? ( domain => $cfg->{cookie_domain} ) : () ),
};
+ $cookie->{expires}=$c->calc_expiry();
+
+ $cookie->{secure} = 1 if $cfg->{cookie_secure};
+
+ return $cookie;
+}
+
+sub calc_expiry {
+ my $c=shift;
+ my $cfg = $c->config->{session};
+ my $value= $c->NEXT::calc_expiry(@_);
+ return $value if $value;
if ( exists $cfg->{cookie_expires} ) {
if ( $cfg->{cookie_expires} > 0 ) {
- $cookie->{expires} = time() + $cfg->{cookie_expires};
+ return time() + $cfg->{cookie_expires};
}
else {
- $cookie->{expires} = undef;
+ return undef;
}
}
else {
- $cookie->{expires} = $c->session_expires;
+ return $c->session_expires;
}
-
- return $cookie;
}
sub prepare_cookies {
Set to 0 to create a session cookie, ie one which will die when the
user's browser is shut down.
+=item cookie_secure
+
+If this attribute set true, the cookie will only be sent via HTTPS.
+
=back
=head1 CAVEATS