[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [lwip-devel] [patch #9576] Adding authorization cookie management
|
From: |
Giuseppe Modugno |
|
Subject: |
Re: [lwip-devel] [patch #9576] Adding authorization cookie management |
|
Date: |
Wed, 28 Feb 2018 14:45:51 +0100 |
|
User-agent: |
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 |
Il 27/02/2018 10:39, Giuseppe Modugno ha scritto:
I tried to add authorization cookie management to httpd. [...]
I'm using cookie to add the session ID in every subsequent HTTP
requests, so the server can check if it is valid or not.
Theorically, the authentication cookie should be added through
"Set-Cookie" header in HTTP response from the server. In order to keep
httpd simple, I use another solution. The session ID is returned in the
body of a normal HTTP response (of course, a "generated virtual" file).
It's the client that manually adds the cookie with the Javascript
instruction:
document.cookie = "Auth=" + json.sid;
And the client could automatically goes to the home page with the
correct cookie with the follow instruction:
window.location.replace("index.html");