tags:

views:

657

answers:

3
+13  Q: 

How do I set the HttpOnly flag on cookie in rails

The page http://www.codinghorror.com/blog/archives/001167.html explains why making HttpOnly cookies is a good idea

How do I set this property in RubyOnRails

+4  A: 

Just set :http_only to true as described in the changelog.

Michael Haren  2008-09-16 13:39:53
+12  A: 

Set the 'http_only' option in the hash used to set a cookie

e.g. 

cookies["user_name"] = { :value => "david", :http_only => true }

Laurie Young  2008-09-16 14:04:18
+1  A: 

I also wrote a patch that is included in Rails 2.2, which defaults the CookieStore session to be http_only.

Unfortunately session cookies are still by default regular cookies.

Pelle  2008-10-03 18:49:19

related questions

Best place to get Ruby on Vista up and running as dev environment
How can I encode xml files to xfdl (base64-gzip)?
What is the best way to learn Ruby?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a Class using the Singleton Design Pattern in Ruby?
How do I update Ruby Gems from behind a Proxy (ISA-NTLM)
Why Should I Learn Ruby?
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
How do I rake tasks within a ruby script?
Ruby On Rails with Windows Vista - Best Setup?
Mapping values from two array in Ruby
Reverse DNS in Ruby?
Text Editor For Linux (Besides Vi)?
What is good forum software to add to an existing Rails application?
Calling Bash Commands From Ruby
How can I modify .xfdl files? (Update #1)
How do I use (n)curses in Ruby?
Open Source Ruby Projects
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
When to use lambda, when to use Proc.new?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.
.NET Migrations Engine
How do I add existing comments to RDoc in Ruby?