Changelog History
-
v1.3.0 Changes
August 14, 2020➕ add SameSite parameter as requested in issue #11.
0️⃣ By default, SameSite is undefined and unspecified in Set-Cookie. Acceptable values are securecookie.None, securecookie.Lax and securecookie.Strict. A SameSite parameter with value None is specified in Set-Cookie only when Secure is true.
-
v1.2.0 Changes
April 15, 2020➕ Add accessor method
Name()
and complete example. -
v1.1.0 Changes
February 22, 2020➕ Add function
MustGenerateRandomKey
. This function callsGenerateRandomKey
and panics if it returns an error. This function is intended to be used to initialize the key outside of any function like this:var cookiesKey = securecookie.MustGenerateRandomKey()var myCookie = securecookie.MustNew("myCookie", cookiesKey, securecookie.Params{ Path: "/sec", // cookie received only when URL starts with this pathDomain: "example.com", // cookie received only when URL domain matches this oneMaxAge: 3600, // cookie becomes invalid 3600 seconds after it is setHTTPOnly: true, // disallow access by remote javascript code Secure: true, // cookie received only with HTTPS, never with HTTP})func main() { ...}
-
v1.0.0 Changes
February 03, 2020🚀 This is the same release as v1.0 with the difference that the tag is now v1.0.0 so that it is recognized by go module tools.
-
v0.6 Changes
August 26, 2018The files go.mod and go.sum have been added.
✅ The dependency with
github.com/gorilla/securecookie
is only because it is used for benchmarks with tests. -
v0.5 Changes
August 31, 2018🚀 This release fixes the validity check of the cookie domain name field value.
Previously, the function would reject domain names with hyphens or uppercase letters.
Now the function will accept hyphens in domain names, uppercase letters and will ensure label length limits are respected, according to the specifications.🔒 The fixed errors did not affect security. It only restricted accepted domain names and thus usability.
-
v0.4 Changes
September 23, 2017- 📦 Renamed the package as securecookie.
- ➕ Added travis CI, coverage test, and go report badges.
- Code coverage is 100%.
- 🛠 Fixed the few issues reported by go report. It's now rated A+.
- 📦 The package is still referenced as beta stage because it needs more feedback and experience.
-
v0.3 Changes
September 23, 2017🚀 This release removes all heap allocation in secure cookie value encoding and decoding methods.
📦 The package will be renamed into securecookie for clarity of its purpose.