Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add feature for enabling signed and encrypted cookie support #152

Merged
merged 1 commit into from
May 29, 2020
Merged

Add feature for enabling signed and encrypted cookie support #152

merged 1 commit into from
May 29, 2020

Conversation

kyrias
Copy link
Contributor

@kyrias kyrias commented May 24, 2020

The cookie crate uses the ring crate's HMAC module to implement signed
cookies and its AEAD module for authenticated encrypted cookies.

@kyrias
Add feature for enabling signed and encrypted cookie support
3306954 
The cookie crate uses the ring crate's HMAC module to implement signed
cookies and its AEAD module for authenticated encrypted cookies.

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
@kyrias kyrias mentioned this pull request May 24, 2020
Closed
@kyrias
Copy link
Contributor Author

kyrias commented May 24, 2020

(Turns out that cookie 0.14.0 will use the RustCrypto crates instead of ring, though the CookieJar interface appears to be unchanged.)

yoshuawuyts
yoshuawuyts approved these changes May 29, 2020
View reviewed changes
Copy link
Member

@yoshuawuyts yoshuawuyts left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks so much; this LGTM -- though just like in http-rs/tide#541 (review) I'm open to the idea of enabling this by default, and making secure cookie support opt-out rather than opt-in.

@yoshuawuyts yoshuawuyts merged commit 73586c7 into http-rs:master May 29, 2020
@kyrias kyrias deleted the cookie-secure branch May 29, 2020 12:46
@kyrias
Copy link
Contributor Author

kyrias commented May 29, 2020

Sure, I can file another PR adding it to the default feature as well.

@kyrias kyrias mentioned this pull request May 29, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yoshuawuyts yoshuawuyts yoshuawuyts approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kyrias @yoshuawuyts