new SessionHandler()
- Source:
Methods
handle(arg0)
Parameters:
Name | Type | Description |
---|---|---|
arg0 |
RoutingContext |
- Source:
setCookieHttpOnlyFlag(httpOnly) → {SessionHandler}
Sets whether the 'HttpOnly' flag should be set for the session cookie. When set this flag instructs browsers to
prevent Javascript access to the the cookie. Used as a line of defence against the most common XSS attacks.
Parameters:
Name | Type | Description |
---|---|---|
httpOnly |
boolean | true to set the HttpOnly flag on the cookie |
- Source:
Returns:
a reference to this, so the API can be used fluently
- Type
- SessionHandler
setCookieSecureFlag(secure) → {SessionHandler}
Sets whether the 'secure' flag should be set for the session cookie. When set this flag instructs browsers to only
send the cookie over HTTPS. Note that this will probably stop your sessions working if used without HTTPS (e.g. in development).
Parameters:
Name | Type | Description |
---|---|---|
secure |
boolean | true to set the secure flag on the cookie |
- Source:
Returns:
a reference to this, so the API can be used fluently
- Type
- SessionHandler
setNagHttps(nag) → {SessionHandler}
Set whether a nagging log warning should be written if the session handler is accessed over HTTP, not
HTTPS
Parameters:
Name | Type | Description |
---|---|---|
nag |
boolean | true to nag |
- Source:
Returns:
a reference to this, so the API can be used fluently
- Type
- SessionHandler
setSessionCookieName(sessionCookieName) → {SessionHandler}
Set the session cookie name
Parameters:
Name | Type | Description |
---|---|---|
sessionCookieName |
string | the session cookie name |
- Source:
Returns:
a reference to this, so the API can be used fluently
- Type
- SessionHandler
setSessionTimeout(timeout) → {SessionHandler}
Set the session timeout
Parameters:
Name | Type | Description |
---|---|---|
timeout |
number | the timeout, in ms. |
- Source:
Returns:
a reference to this, so the API can be used fluently
- Type
- SessionHandler