-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Migrate to a signed, non-http-only "user_token-v2" cookie
We need access to the user_token from javascript as well... for upcoming work. The cleanest way to get there is to introduce an updated version of the "user_token" cookie: "user_token-v2" since: - there's no way to detect if a cookie is http-only (ugh). - we've already previously updated from unsigned to signed version of "user_token" cookie--for *some* users, but probably not for most. - the "user_token" cookie is permanent for this site... Once updated to "user_token-v2", the old "user_token" cookie is deleted. Note: Since the existing "user_token" cookie is permanent, we have to keep this script around "indefinitely".
- Loading branch information
Showing
3 changed files
with
30 additions
and
29 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters