ad_set_signed_cookie (public)

 ad_set_signed_cookie [ -replace replace ] [ -secure secure ] \
    [ -expire expire ] [ -discard discard ] [ -scriptable scriptable ] \
    [ -max_age max_age ] [ -signature_max_age signature_max_age ] \
    [ -domain domain ] [ -path path ] [ -secret secret ] \
    [ -token_id token_id ] [ -samesite samesite ] name value

Defined in packages/acs-tcl/tcl/security-procs.tcl

Sets a signed cookie. Negative token_ids are reserved for secrets external to the signed cookie mechanism. If a token_id is specified, a secret must be specified.

Switches:
-replace (optional, defaults to "f")
-secure (optional, defaults to "f")
-expire (optional, defaults to "f")
-discard (optional, defaults to "f")
-scriptable (optional, defaults to "f")
    allow access to the cookie from JavaScript
-max_age (optional)
    specifies the maximum age of the cookies in seconds (consistent with RFC 2109). max_age inf specifies cookies that never expire (see ad_set_cookie). The default is session cookies.
-signature_max_age (optional)
-domain (optional)
-path (optional, defaults to "/")
-secret (optional)
    allows the caller to specify a known secret external to the random secret management mechanism.
-token_id (optional)
    allows the caller to specify a token_id.
-samesite (optional, defaults to "lax")

Parameters:
name (required)
value (required)
    the value for the cookie. This is automatically url-encoded.
Author:
Richard Li <richardl@arsdigita.com>
Created:
18 October 2000

Partial Call Graph (max 5 caller/called nodes):
Called by: test_set_cookie_procs (test acs-tcl), Class ::xowiki::includelet::kibana (public), ad_user_login (public), sec_generate_secure_token_cookie (private), sec_generate_session_id_cookie (private)
Calls: ad_set_cookie (public), ad_sign (public), sec_session_lifetime (private), security::log (private)

Testcases:
test_set_cookie_procs
Source code:
    if { $signature_max_age eq "" } {
        if { $max_age in {"inf" 0} } {
            set signature_max_age ""
        } elseif { $max_age ne "" } {
            set signature_max_age $max_age
        } else {
            # this means we want a session level cookie,
            # but that is a user interface expiration, that does
            # not give us a security expiration. (from the
            # security perspective, we use SessionLifetime)
            ns_log Debug "Security: SetSignedCookie: Using sec_session_lifetime [sec_session_lifetime]"
            set signature_max_age [sec_session_lifetime]
        }
    }

    set cookie_value [ad_sign -secret $secret -token_id $token_id -max_age $signature_max_age $value]
    set data [list $value $cookie_value]

    ::security::log timeout "ad_set_signed_cookie $name [list signature_max_age $signature_max_age max_age $max_age]"
    ad_set_cookie \
        -replace $replace \
        -secure $secure \
        -discard $discard \
        -scriptable $scriptable \
        -expire $expire \
        -max_age $max_age \
        -domain $domain \
        -path $path \
        -samesite $samesite \
        $name $data
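
The branch above gives a session cookie a signature lifetime even though the browser is given no expiry. The following Python model is an added example, not OpenACS code, and shows why that matters when a captured cookie is presented later. It assumes HMAC-SHA256 as a stand-in for ad_sign (whose signature format is not shown on this page), and the 1200-second SESSION_LIFETIME, the function names and the sample secret are constructed for illustration.

```python
import hashlib
import hmac

SESSION_LIFETIME = 1200  # assumption: stand-in for [sec_session_lifetime], in seconds

def pick_signature_max_age(max_age="", signature_max_age=""):
    """Same branches as the Tcl source; "" means the signature never expires."""
    if signature_max_age != "":
        return signature_max_age
    if str(max_age) in ("inf", "0"):
        return ""
    if max_age != "":
        return max_age
    return SESSION_LIFETIME  # session cookie: no browser expiry, but a signed one

def _mac(secret, expires, value):
    # expires is all digits, so the first "|" separates the two fields unambiguously
    return hmac.new(secret, f"{expires}|{value}".encode(), hashlib.sha256).hexdigest()

def sign_cookie(value, secret, sig_max_age, now):
    """Return [value, signature]; expiry 0 encodes 'never expires'."""
    expires = 0 if sig_max_age == "" else now + int(sig_max_age)
    return [value, f"{expires}:{_mac(secret, expires, value)}"]

def verify_cookie(cookie, secret, now):
    """Return the value, or None if the cookie is malformed, tampered or expired."""
    try:
        value, signature = cookie
        expires, mac = signature.split(":", 1)
    except (TypeError, ValueError, AttributeError):
        return None
    if not (expires.isascii() and expires.isdigit()):
        return None
    if not hmac.compare_digest(mac.encode(), _mac(secret, expires, value).encode()):
        return None
    if int(expires) != 0 and now > int(expires):
        return None  # signature expired, whatever lifetime the browser applied
    return value

def demo(now=1_700_000_000):
    secret = b"constructed-demo-secret"  # constructed sample key
    session = sign_cookie("user_id=42", secret, pick_signature_max_age(), now)
    forever = sign_cookie("theme=dark", secret, pick_signature_max_age("inf"), now)
    forged = ["user_id=1", session[1]]  # value swapped, signature reused
    return {"fresh": verify_cookie(session, secret, now + 60),
            "replayed": verify_cookie(session, secret, now + SESSION_LIFETIME + 1),
            "forever": verify_cookie(forever, secret, now + 10**9),
            "forged": verify_cookie(forged, secret, now + 60)}
```
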
Generic XQL file:
packages/acs-tcl/tcl/security-procs.xql

PostgreSQL XQL file:
packages/acs-tcl/tcl/security-procs-postgresql.xql

Oracle XQL file:
packages/acs-tcl/tcl/security-procs-oracle.xql
