Commits

ianb  committed 3a41568

Added httponly option to set_cookie

  • Participants
  • Parent commits 677cf8c

Comments (0)

Files changed (2)

File docs/news.txt

 News
 ====
 
+svn trunk
+---------
+
+* Added ``res.set_cookie(..., httponly=True)`` to set the ``HttpOnly``
+  attribute on the cookie, which keeps Javascript from reading the
+  cookie.
+
 0.8
 ---
 

File webob/__init__.py

     app_iter = property(_app_iter__get, _app_iter__set, _app_iter__del, doc=_app_iter__get.__doc__)
 
     def set_cookie(self, key, value='', max_age=None,
-                   path='/', domain=None, secure=None):
+                   path='/', domain=None, secure=None, httponly=False):
         """
         Set (add) a cookie for the response
         """
             ('path', path),
             ('domain', domain),
             ('secure', secure),
+            ('HttpOnly', httponly),
             ]:
             if var_value is not None and var_value is not False:
                 cookies[key][var_name.replace('_', '-')] = str(var_value)