From f37d9b75f310b6c516d66834719722a14d3efa18 Mon Sep 17 00:00:00 2001
From: fernando <fernando@funciton.com>
Date: Sat, 17 Oct 2015 09:24:23 -0500
Subject: [PATCH] Added xsrf_cookie_kwargs to control xsrf cookie settings

---
 tornado/web.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tornado/web.py b/tornado/web.py
index 767881069..1402bb4b5 100644
--- a/tornado/web.py
+++ b/tornado/web.py
@@ -1147,6 +1147,7 @@ class RequestHandler(object):
         if not hasattr(self, "_xsrf_token"):
             version, token, timestamp = self._get_raw_xsrf_token()
             output_version = self.settings.get("xsrf_cookie_version", 2)
+            cookie_kwargs = self.settings.get("xsrf_cookie_kwargs", {})
             if output_version == 1:
                 self._xsrf_token = binascii.b2a_hex(token)
             elif output_version == 2:
@@ -1162,7 +1163,8 @@ class RequestHandler(object):
             if version is None:
                 expires_days = 30 if self.current_user else None
                 self.set_cookie("_xsrf", self._xsrf_token,
-                                expires_days=expires_days)
+                                expires_days=expires_days,
+                                **cookie_kwargs)
         return self._xsrf_token
 
     def _get_raw_xsrf_token(self):
-- 
2.47.2