Implements HTTP cookies, as described by
RFC 6265.
To have a class@Session handle cookies for your appliction
automatically, use a class@CookieJar.
@name and @value will be set for all cookies. If the cookie is
generated from a string that appears to have no name, then @name
will be the empty string.
@domain and @path give the host or domain, and path within that
host/domain, to restrict this cookie to. If @domain starts with
".", that indicates a domain (which matches the string after the
".", or any hostname that has @domain as a suffix). Otherwise, it
is a hostname and must match exactly.
@expires will be non-null if the cookie uses either the original
"expires" attribute, or the newer "max-age" attribute. If @expires
is null, it indicates that neither "expires" nor "max-age" was
specified, and the cookie expires at the end of the session.
If @http_only is set, the cookie should not be exposed to untrusted
code (eg, javascript), so as to minimize the danger posed by
cross-site scripting attacks.
Implements HTTP cookies, as described by RFC 6265.
To have a class@Session handle cookies for your appliction automatically, use a class@CookieJar.
@name and @value will be set for all cookies. If the cookie is generated from a string that appears to have no name, then @name will be the empty string.
@domain and @path give the host or domain, and path within that host/domain, to restrict this cookie to. If @domain starts with ".", that indicates a domain (which matches the string after the ".", or any hostname that has @domain as a suffix). Otherwise, it is a hostname and must match exactly.
@expires will be non-null if the cookie uses either the original "expires" attribute, or the newer "max-age" attribute. If @expires is null, it indicates that neither "expires" nor "max-age" was specified, and the cookie expires at the end of the session.
If @http_only is set, the cookie should not be exposed to untrusted code (eg, javascript), so as to minimize the danger posed by cross-site scripting attacks.