NAME

Starch::Plugin::CookieArgs - Arguments and methods for dealing with HTTP cookies.

SYNOPSIS

my $starch = Starch->new(
    plugins => ['::CookieArgs'],
    cookie_name => 'my_session',
    ...,
);
my $state = $starch->state();
my $cookie_args = $state->cookie_args();
print $cookie_args->{name}; # my_session

DESCRIPTION

This plugin adds new arguments to the manager class and new methods to the state class which are intended to ease the integration of Starch with existing web frameworks.

OPTIONAL MANAGER ARGUMENTS

These arguments are added to the Starch::Manager class.

A detailed description of what these arguments mean and what they can contain is in the CGI::Simple::Cookie documentation.

The name of the session cookie, defaults to session.

The domain name to set the cookie to. Set this to undef, or just don't set it, to let the browser figure this out.

The path within the "cookie_domain" that the cookie should be applied to. Set this to undef, or just don't set it, to let the browser figure it out.

Whether the session cookie can only be transmitted over SSL. This defaults to true, as doing otherwise is a pretty terrible idea as a user's session cookie could be easily hijacker by anyone sniffing network packets.

If this is set to true then JavaScript will not have access to the cookie data, mitigating certain XSS attacks. This defaults to true as having JavaScript that needs access to cookies is a rare case and you should have to explicitly declare that you want to turn this protection off.

STATE METHODS

These methods are added to the Starch::State class.

Returns "cookie_delete_args" if the "is_deleted" in Starch::State, otherwise returns "cookie_set_args".

These args are meant to be compatible with CGI::Simple::Cookie, minus the - in front of the argument names, which is the same format that both Plack and Catalyst accept for cookies.

Returns a hash ref containing all the cookie args including the value being set to "id" in Starch::State and the expires being set to "expires" in Starch::State.

This returns the same thing as "cookie_set_args", but overrides the expires value to be one day in the past which will trigger the client to remove the cookie immediately.

SUPPORT

See "SUPPORT" in Starch.

AUTHORS

See "AUTHORS" in Starch.

COPYRIGHT AND LICENSE

See "COPYRIGHT AND LICENSE" in Starch.