From: fernando <fernando@funciton.com>
Date: Sat, 17 Oct 2015 14:24:23 +0000 (-0500)
Subject: Added xsrf_cookie_kwargs to control xsrf cookie settings
X-Git-Tag: v4.3.0b2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f37d9b75f310b6c516d66834719722a14d3efa18;p=thirdparty%2Ftornado.git

Added xsrf_cookie_kwargs to control xsrf cookie settings
---

diff --git a/tornado/web.py b/tornado/web.py
index 767881069..1402bb4b5 100644
--- a/tornado/web.py
+++ b/tornado/web.py
@@ -1147,6 +1147,7 @@ class RequestHandler(object):
         if not hasattr(self, "_xsrf_token"):
             version, token, timestamp = self._get_raw_xsrf_token()
             output_version = self.settings.get("xsrf_cookie_version", 2)
+            cookie_kwargs = self.settings.get("xsrf_cookie_kwargs", {})
             if output_version == 1:
                 self._xsrf_token = binascii.b2a_hex(token)
             elif output_version == 2:
@@ -1162,7 +1163,8 @@ class RequestHandler(object):
             if version is None:
                 expires_days = 30 if self.current_user else None
                 self.set_cookie("_xsrf", self._xsrf_token,
-                                expires_days=expires_days)
+                                expires_days=expires_days,
+                                **cookie_kwargs)
         return self._xsrf_token
 
     def _get_raw_xsrf_token(self):