search

ambiorix-web / scilis

Secure cookies for ambiorix
https://ambiorix.dev
GNU General Public License v2.0
6 stars 1 forks source link

A method to get the value #4

Open jrosell opened 3 months ago

jrosell commented 3 months ago

I guess it could be helpful to have some function to be sure that we can get the cookie value securely.

When restarting the app sometimes I see the value of the string containing devOpifex/scilis and I did this:

errors <- ""    
cookie <- req$cookie[[cookie_errors]]
if (is.character(cookie) && cookie != "" && length(cookie) > 0 && !str_detect(cookie, "devOpifex/scilis")) {
  errors <- req$cookie[[cookie_errors]]    
  res$cookie(name = cookie_errors, value = "")
}

I imagine something like this:

errors <- ""    
if (scilis::is_secure(req, cookie_errors)) {
  errors <- req$cookie[[cookie_errors]]    
  res$cookie(name = cookie_errors, value = "")
}
JohnCoene commented 3 months ago

Not sure why I never thought of that

jrosell commented 4 weeks ago

And also make the change from devOpifex to ambiorix-web, I guess.