Laurie Young Laurie Young - 1 year ago 73
Ruby Question

How do I set the HttpOnly flag on a cookie in Ruby on Rails

The page Protecting Your Cookies: HttpOnly explains why making HttpOnly cookies is a good idea.

How do I set this property in Ruby on Rails?

Answer Source

Set the 'http_only' option in the hash used to set a cookie


cookies["user_name"] = { :value => "david", :httponly => true }

or, in Rails 2:


cookies["user_name"] = { :value => "david", :http_only => true }

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download