module Session.TransportSecurity ( TransportSecurity (..) , cookieSecure ) where import Internal.Prelude data TransportSecurity = -- | Only allow cookies on HTTPS connections -- -- Set this in production. RequireSecureTransport | -- | Allow cookies over either HTTP or HTTPS -- -- This is okay for development. AllowPlaintextTranport cookieSecure :: TransportSecurity -> Bool = \case TransportSecurity RequireSecureTransport -> Bool True TransportSecurity AllowPlaintextTranport -> Bool False