Added xsrf_cookie_kwargs to control xsrf cookie settings

author fernando <fernando@funciton.com>

Sat, 17 Oct 2015 14:24:23 +0000 (09:24 -0500)

committer Ben Darnell <ben@bendarnell.com>

Sat, 24 Oct 2015 16:03:23 +0000 (12:03 -0400)
author fernando <fernando@funciton.com>
Sat, 17 Oct 2015 14:24:23 +0000 (09:24 -0500)
committer Ben Darnell <ben@bendarnell.com>
Sat, 24 Oct 2015 16:03:23 +0000 (12:03 -0400)
diff --git a/tornado/web.py b/tornado/web.py

index 76788106962e444bd371226158365a6e50bd5515..1402bb4b5a41141351173a7be18aac8eb623e53a 100644 (file)
--- a/tornado/web.py
+++ b/tornado/web.py
@@ -1147,6 +1147,7 @@ class RequestHandler(object):
          if not hasattr(self, "_xsrf_token"):
              version, token, timestamp = self._get_raw_xsrf_token()
              output_version = self.settings.get("xsrf_cookie_version", 2)
+            cookie_kwargs = self.settings.get("xsrf_cookie_kwargs", {})
              if output_version == 1:
                  self._xsrf_token = binascii.b2a_hex(token)
              elif output_version == 2:
@@ -1162,7 +1163,8 @@ class RequestHandler(object):
              if version is None:
                  expires_days = 30 if self.current_user else None
                  self.set_cookie("_xsrf", self._xsrf_token,
-                                expires_days=expires_days)
+                                expires_days=expires_days,
+                                **cookie_kwargs)
          return self._xsrf_token
  
      def _get_raw_xsrf_token(self):
author	fernando <fernando@funciton.com>
	Sat, 17 Oct 2015 14:24:23 +0000 (09:24 -0500)
committer	Ben Darnell <ben@bendarnell.com>
	Sat, 24 Oct 2015 16:03:23 +0000 (12:03 -0400)