NAME
Plack::Middleware::SignedCookies - accept only served-minted cookies
VERSION
version 1.000
SYNOPSIS
# in app.psgi
use Plack::Builder;
builder {
enable 'SignedCookies', secret => 's333333333kr1t!!!!1!!';
$app;
};
DESCRIPTION
This middleware modifies Cookie
headers in the request and Set-Cookie
headers in the response. It appends a HMAC digest to outgoing cookies and removes and verifies it from incoming cookies. It rejects incoming cookies that were sent without a valid digest.
CONFIGURATION OPTIONS
secret
-
The secret to pass to the Digest::SHA HMAC function.
If not provided, a random secret will be generated using Perl’s built-in rand function.
AUTHOR
Aristotle Pagaltzis <pagaltzis@gmx.de>
COPYRIGHT AND LICENSE
This software is copyright (c) 2014 by Aristotle Pagaltzis.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.