ad_get_signed_cookie_with_expr (public)
ad_get_signed_cookie_with_expr \ [ -include_set_cookies include_set_cookies ] [ -secret secret ] \ name
Defined in packages/acs-tcl/tcl/security-procs.tcl
Retrieves a signed cookie. Validates a cookie against its cryptographic signature and ensures that the cookie has not expired. Throws an exception when cookie does not exist or validation fails.
- Switches:
- -include_set_cookies (optional, defaults to
"t"
)- -secret (optional)
- Parameters:
- name (required)
- Returns:
- Two-element list containing cookie data and expiration time
- See Also:
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- sync_http_get_document
Source code: set cookie_value [ad_get_cookie -include_set_cookies $include_set_cookies $name] if { $cookie_value eq "" || ![string is list $cookie_value]} { throw {AD_EXCEPTION NO_COOKIE} {Cookie does not exist} } lassign $cookie_value value signature set expr_time [ad_verify_signature_with_expr -secret $secret $value $signature] ns_log Debug "Security: Done calling get_cookie $cookie_value for $name; received $expr_time expiration, getting $value and $signature." if { $expr_time } { return [list $value $expr_time] } throw {AD_EXCEPTION INVALID_COOKIE} "Cookie could not be authenticated."Generic XQL file: packages/acs-tcl/tcl/security-procs.xql
PostgreSQL XQL file: packages/acs-tcl/tcl/security-procs-postgresql.xql
Oracle XQL file: packages/acs-tcl/tcl/security-procs-oracle.xql