The Modern And Developer Centric Python Web Framework. Be sure to read the documentation and join the Discord channel for questions: https://discord.gg/TwKeFahmPZ
I would like to pass per user settings back to the client-side in a session based cookie.
The client-side js could then use these settings to adjust the user interface as per the users preferences and would persist between requests.
This would be used with http_only=False cookies to make the data visible to the JS in the page.
These settings might include such things as:
theme (dark/light)
navbar position
hiding sidebar
currency country selection
.....
it would be nice to be able to pass this data vack to the page for client0side handling in a cookie where HTTP_ONLY is False
What do we currently have to do now?
Currently all cookies are encrypted by default via the EncryptCookie" miffleware.
The only way to stop this behaviour (that I have found so far) is to disable that middleware which is undesirable in most cases.
Describe the solution you'd like
A nice feature would be to have an opt-out way of disabling excryption for spexific cookies.
something like encrypt=False when adding a cookie toa request or response.
This option would be True by default
The EmcryptCookie middleware could then check for this on each cookie and take action as required.
If this is already available and I have missed it in the docs please advise.
Describe alternatives you've considered
not sure if there are others?
Would this be a breaking change ?
[ ] Yes
Anything else ?
Happy to discuss further and looking at the Cookie Class and EncryptCookie middleware it looks fairly straight forward
looking at a PR for this ATM
Is your feature request related to a problem?
Kind of....
I would like to pass per user settings back to the client-side in a session based cookie. The client-side js could then use these settings to adjust the user interface as per the users preferences and would persist between requests. This would be used with
http_only=Falsecookies to make the data visible to the JS in the page. These settings might include such things as:it would be nice to be able to pass this data vack to the page for client0side handling in a cookie where HTTP_ONLY is False
What do we currently have to do now?
Currently all cookies are encrypted by default via the EncryptCookie" miffleware. The only way to stop this behaviour (that I have found so far) is to disable that middleware which is undesirable in most cases.
Describe the solution you'd like
A nice feature would be to have an opt-out way of disabling excryption for spexific cookies. something like
encrypt=Falsewhen adding a cookie toa request or response. This option would beTrueby default The EmcryptCookie middleware could then check for this on each cookie and take action as required.If this is already available and I have missed it in the docs please advise.
Describe alternatives you've considered
not sure if there are others?
Would this be a breaking change ?
Anything else ?
Happy to discuss further and looking at the
CookieClass andEncryptCookiemiddleware it looks fairly straight forward looking at a PR for this ATM