All Versions
8
Latest Version
Avg Release Cycle
107 days
Latest Release
205 days ago

Changelog History

  • v1.3.0

    August 14, 2020

    ➕ add SameSite parameter as requested in issue #11.

    0️⃣ By default, SameSite is undefined and unspecified in Set-Cookie. Acceptable values are securecookie.None, securecookie.Lax and securecookie.Strict. A SameSite parameter with value None is specified in Set-Cookie only when Secure is true.

  • v1.2.0

    April 15, 2020

    ➕ Add accessor method Name() and complete example.

  • v1.1.0

    February 22, 2020

    ➕ Add function MustGenerateRandomKey. This function calls GenerateRandomKey and panics if it returns an error. This function is intended to be used to initialize the key outside of any function like this:

    var cookiesKey = securecookie.MustGenerateRandomKey()var myCookie = securecookie.MustNew("myCookie", cookiesKey, securecookie.Params{ Path: "/sec", // cookie received only when URL starts with this pathDomain: "example.com", // cookie received only when URL domain matches this oneMaxAge: 3600, // cookie becomes invalid 3600 seconds after it is setHTTPOnly: true, // disallow access by remote javascript code Secure: true, // cookie received only with HTTPS, never with HTTP})func main() { ...}
    
  • v1.0.0

    February 03, 2020

    🚀 This is the same release as v1.0 with the difference that the tag is now v1.0.0 so that it is recognized by go module tools.

  • v0.6

    August 26, 2018

    The files go.mod and go.sum have been added.

    ✅ The dependency with github.com/gorilla/securecookie is only because it is used for benchmarks with tests.

  • v0.5

    August 31, 2018

    🚀 This release fixes the validity check of the cookie domain name field value.

    Previously, the function would reject domain names with hyphens or uppercase letters.
    Now the function will accept hyphens in domain names, uppercase letters and will ensure label length limits are respected, according to the specifications.

    🔒 The fixed errors did not affect security. It only restricted accepted domain names and thus usability.

  • v0.4

    September 23, 2017
    • 📦 Renamed the package as securecookie.
    • ➕ Added travis CI, coverage test, and go report badges.
    • Code coverage is 100%.
    • 🛠 Fixed the few issues reported by go report. It's now rated A+.
    • 📦 The package is still referenced as beta stage because it needs more feedback and experience.
  • v0.3

    September 23, 2017

    🚀 This release removes all heap allocation in secure cookie value encoding and decoding methods.
    📦 The package will be renamed into securecookie for clarity of its purpose.