safe_cookies is now in public beta

Posted . Visible to the public. Deprecated.

The gem is no longer maintained.

Also, IE11 received HSTS support in 2015:
https://support.microsoft.com/en-us/help/3071338/internet-explorer-11-adds-support-for-http-strict-transport-security-s

We proudly release our safe_cookies middleware into public beta and just published it on Github Show archive.org snapshot .

Features are:

  • make all application cookies secure and HttpOnly (keeping them from being sent over HTTP and protecting them from Javascript)
  • rewrite all client cookies once, making them secure and HttpOnly
  • notification if a request has unregistered cookies (no unsecure cookie will slip by)
  • ability to ignore external cookies, like __utma and other tracking cookies
  • easy configuration

Go and check it out Show archive.org snapshot !

github.com
Dominik Schöler
makandra.de
Say thanks
Last edit
License
Source code in this card is licensed under the MIT License.
Posted by Dominik Schöler to makandra dev (2013-10-21 14:10)
This website uses short-lived cookies to improve usability.
or learn more