Contents

= New Features

* A cookie_flags plugin has been added, for overriding, warning, or
  raising for incorrect cookie flags. The plugin by default checks
  whether the secure, httponly, and samesite=strict flags are set.
  The default behavior is to add the appropriate flags if they are
  not set, and change the samesite flag to strict if it is set to
  something else.  You can configure the flag checking behavior
  via the :httponly, :same_site, and :secure options.

  You can configure the action the plugin takes via the :action option.
  The default action is to modify the flags, but the :action option can
  be set to :raise, :warn, or :warn_and_modify to override the behavior.

  The recommended way to use the plugin is to use it during testing,
  and specify action: :raise, so you can catch places where cookies
  are set with the wrong flags.  Then you can fix those places to
  use the correct flags, which is better than relying on the plugin
  at runtime in production to fix incorrect flags.

Version data entries

8 entries across 8 versions & 1 rubygems

Version	Path
roda-3.83.0	doc/release_notes/3.75.0.txt
roda-3.82.0	doc/release_notes/3.75.0.txt
roda-3.81.0	doc/release_notes/3.75.0.txt
roda-3.79.0	doc/release_notes/3.75.0.txt
roda-3.78.0	doc/release_notes/3.75.0.txt
roda-3.77.0	doc/release_notes/3.75.0.txt
roda-3.76.0	doc/release_notes/3.75.0.txt
roda-3.75.0	doc/release_notes/3.75.0.txt