cookie-0.4.4: HTTP cookie parsing and rendering

Safe HaskellSafe
LanguageHaskell98

Web.Cookie

Contents

Synopsis

Server to client

Data type

data SetCookie Source #

Data type representing the key-value pair to use for a cookie, as well as configuration options for it.

Creating a SetCookie

SetCookie does not export a constructor; instead, use defaultSetCookie and override values (see http://www.yesodweb.com/book/settings-types for details):

import Web.Cookie
:set -XOverloadedStrings
let cookie = defaultSetCookie { setCookieName = "cookieName", setCookieValue = "cookieValue" }

Cookie Configuration

Cookies have several configuration options; a brief summary of each option is given below. For more information, see RFC 6265 or Wikipedia.

setCookieName :: SetCookie -> ByteString Source #

The name of the cookie. Default value: "name"

setCookieValue :: SetCookie -> ByteString Source #

The value of the cookie. Default value: "value"

setCookiePath :: SetCookie -> Maybe ByteString Source #

The URL path for which the cookie should be sent. Default value: Nothing (The browser defaults to the path of the request that sets the cookie).

setCookieExpires :: SetCookie -> Maybe UTCTime Source #

The time at which to expire the cookie. Default value: Nothing (The browser will default to expiring a cookie when the browser is closed).

setCookieMaxAge :: SetCookie -> Maybe DiffTime Source #

The maximum time to keep the cookie, in seconds. Default value: Nothing (The browser defaults to expiring a cookie when the browser is closed).

setCookieDomain :: SetCookie -> Maybe ByteString Source #

The domain for which the cookie should be sent. Default value: Nothing (The browser defaults to the current domain).

setCookieHttpOnly :: SetCookie -> Bool Source #

Marks the cookie as "HTTP only", i.e. not accessible from Javascript. Default value: False

setCookieSecure :: SetCookie -> Bool Source #

Instructs the browser to only send the cookie over HTTPS. Default value: False

setCookieSameSite :: SetCookie -> Maybe SameSiteOption Source #

Marks the cookie as "same site", i.e. should not be sent with cross-site requests. Default value: Nothing

sameSiteLax :: SameSiteOption Source #

Directs the browser to send the cookie for safe requests (e.g. GET), but not for unsafe ones (e.g. POST)

sameSiteStrict :: SameSiteOption Source #

Directs the browser to not send the cookie for any cross-site request, including e.g. a user clicking a link in their email to open a page on your site.

Functions

defaultSetCookie :: SetCookie Source #

A minimal SetCookie. All fields are Nothing or False except setCookieName = "name" and setCookieValue = "value". You need this to construct a SetCookie, because it does not export a constructor. Equivalently, you may use def.

Since: 0.4.2.2

def :: Default a => a #

The default value for this type.

Client to server

parseCookies :: ByteString -> Cookies Source #

Decode the value of a "Cookie" request header into key/value pairs.

UTF8 Version

type CookiesText = [(Text, Text)] Source #

Textual cookies. Functions assume UTF8 encoding.

Expires field