Userid: userid_flags directive to set cookie flags.
This commit is contained in:
Maxim Dounin
parent
105928e76f
commit
bbf1d8b7a6
1 changed files with 72 additions and 0 deletions
|
|
@ -15,12 +15,20 @@
|
|||
#define NGX_HTTP_USERID_V1 2
|
||||
#define NGX_HTTP_USERID_ON 3
|
||||
|
||||
#define NGX_HTTP_USERID_COOKIE_SECURE 0x0001
|
||||
#define NGX_HTTP_USERID_COOKIE_HTTPONLY 0x0002
|
||||
#define NGX_HTTP_USERID_COOKIE_SAMESITE 0x0004
|
||||
#define NGX_HTTP_USERID_COOKIE_SAMESITE_STRICT 0x0008
|
||||
#define NGX_HTTP_USERID_COOKIE_SAMESITE_LAX 0x0010
|
||||
#define NGX_HTTP_USERID_COOKIE_SAMESITE_NONE 0x0020
|
||||
|
||||
/* 31 Dec 2037 23:55:55 GMT */
|
||||
#define NGX_HTTP_USERID_MAX_EXPIRES 2145916555
|
||||
|
||||
|
||||
typedef struct {
|
||||
ngx_uint_t enable;
|
||||
ngx_uint_t flags;
|
||||
|
||||
ngx_int_t service;
|
||||
|
||||
|
|
@ -88,6 +96,19 @@ static ngx_conf_enum_t ngx_http_userid_state[] = {
|
|||
};
|
||||
|
||||
|
||||
static ngx_conf_bitmask_t ngx_http_userid_flags[] = {
|
||||
{ ngx_string("secure"), NGX_HTTP_USERID_COOKIE_SECURE },
|
||||
{ ngx_string("httponly"), NGX_HTTP_USERID_COOKIE_HTTPONLY },
|
||||
{ ngx_string("samesite=strict"),
|
||||
NGX_HTTP_USERID_COOKIE_SAMESITE|NGX_HTTP_USERID_COOKIE_SAMESITE_STRICT },
|
||||
{ ngx_string("samesite=lax"),
|
||||
NGX_HTTP_USERID_COOKIE_SAMESITE|NGX_HTTP_USERID_COOKIE_SAMESITE_LAX },
|
||||
{ ngx_string("samesite=none"),
|
||||
NGX_HTTP_USERID_COOKIE_SAMESITE|NGX_HTTP_USERID_COOKIE_SAMESITE_NONE },
|
||||
{ ngx_null_string, 0 }
|
||||
};
|
||||
|
||||
|
||||
static ngx_conf_post_handler_pt ngx_http_userid_domain_p =
|
||||
ngx_http_userid_domain;
|
||||
static ngx_conf_post_handler_pt ngx_http_userid_path_p = ngx_http_userid_path;
|
||||
|
|
@ -138,6 +159,13 @@ static ngx_command_t ngx_http_userid_commands[] = {
|
|||
0,
|
||||
NULL },
|
||||
|
||||
{ ngx_string("userid_flags"),
|
||||
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE123,
|
||||
ngx_conf_set_bitmask_slot,
|
||||
NGX_HTTP_LOC_CONF_OFFSET,
|
||||
offsetof(ngx_http_userid_conf_t, flags),
|
||||
&ngx_http_userid_flags },
|
||||
|
||||
{ ngx_string("userid_p3p"),
|
||||
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
||||
ngx_conf_set_str_slot,
|
||||
|
|
@ -383,6 +411,26 @@ ngx_http_userid_set_uid(ngx_http_request_t *r, ngx_http_userid_ctx_t *ctx,
|
|||
len += conf->domain.len;
|
||||
}
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_SECURE) {
|
||||
len += sizeof("; secure") - 1;
|
||||
}
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_HTTPONLY) {
|
||||
len += sizeof("; httponly") - 1;
|
||||
}
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_SAMESITE_STRICT) {
|
||||
len += sizeof("; samesite=strict") - 1;
|
||||
}
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_SAMESITE_LAX) {
|
||||
len += sizeof("; samesite=lax") - 1;
|
||||
}
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_SAMESITE_NONE) {
|
||||
len += sizeof("; samesite=none") - 1;
|
||||
}
|
||||
|
||||
cookie = ngx_pnalloc(r->pool, len);
|
||||
if (cookie == NULL) {
|
||||
return NGX_ERROR;
|
||||
|
|
@ -422,6 +470,26 @@ ngx_http_userid_set_uid(ngx_http_request_t *r, ngx_http_userid_ctx_t *ctx,
|
|||
|
||||
p = ngx_copy(p, conf->path.data, conf->path.len);
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_SECURE) {
|
||||
p = ngx_cpymem(p, "; secure", sizeof("; secure") - 1);
|
||||
}
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_HTTPONLY) {
|
||||
p = ngx_cpymem(p, "; httponly", sizeof("; httponly") - 1);
|
||||
}
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_SAMESITE_STRICT) {
|
||||
p = ngx_cpymem(p, "; samesite=strict", sizeof("; samesite=strict") - 1);
|
||||
}
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_SAMESITE_LAX) {
|
||||
p = ngx_cpymem(p, "; samesite=lax", sizeof("; samesite=lax") - 1);
|
||||
}
|
||||
|
||||
if (conf->flags & NGX_HTTP_USERID_COOKIE_SAMESITE_NONE) {
|
||||
p = ngx_cpymem(p, "; samesite=none", sizeof("; samesite=none") - 1);
|
||||
}
|
||||
|
||||
set_cookie = ngx_list_push(&r->headers_out.headers);
|
||||
if (set_cookie == NULL) {
|
||||
return NGX_ERROR;
|
||||
|
|
@ -658,6 +726,7 @@ ngx_http_userid_create_conf(ngx_conf_t *cf)
|
|||
/*
|
||||
* set by ngx_pcalloc():
|
||||
*
|
||||
* conf->flags = 0;
|
||||
* conf->name = { 0, NULL };
|
||||
* conf->domain = { 0, NULL };
|
||||
* conf->path = { 0, NULL };
|
||||
|
|
@ -682,6 +751,9 @@ ngx_http_userid_merge_conf(ngx_conf_t *cf, void *parent, void *child)
|
|||
ngx_conf_merge_uint_value(conf->enable, prev->enable,
|
||||
NGX_HTTP_USERID_OFF);
|
||||
|
||||
ngx_conf_merge_bitmask_value(conf->flags, prev->flags,
|
||||
NGX_CONF_BITMASK_SET);
|
||||
|
||||
ngx_conf_merge_str_value(conf->name, prev->name, "uid");
|
||||
ngx_conf_merge_str_value(conf->domain, prev->domain, "");
|
||||
ngx_conf_merge_str_value(conf->path, prev->path, "; path=/");
|
||||
|
|
|
|||
Loading…
Reference in a new issue