package sihl

You can search for identifiers within the package.

in-package search v0.2.0

The modular functional web framework

Install

Dune Dependency

github.com Readme Changelog Edit opam file Versions (35)

Authors

Maintainers

J

josef@oxidizing.io

Sources

sihl-queue-0.1.8.tbz

sha256=e77ffae26dac04e446ff07854de68a03edfd05031b5cb0dbcb6dc4a96e2d1c8e

sha512=7682c55136dbb8c68517ccd2c157a3556d966cb8565d15cf21ab270f92ea7e9ee5d3ac1479ba2e34a80f3052ca5dd1a74e964a8764c2164e3e71e9048fcdf51b

doc/sihl.http/Sihl_http/Cookie/Signer/index.html

Module `Cookie.Signer`Source

Sign an unsign cookies with secret.

Beware that signing a cookie is not the same as encrypting it! The value of a signed cookie is still visible to anyone, so don't store any sensitive information in it.

When signing a cookie, a hash of its value is generated using the Signer's secret. The generated string is appended to the Cookie's value. So, for instance, if you have a Cookie key=value, the signed cookie will look like key=value.xRt15vh.

When reading the cookie value, the hash will be regenerated again and compared with the sent value. If the values are not the same, the cookie has been tempered with, and we discard it.

Sourcetype t

Constructors

`make`

Sourceval make : ?salt:string -> string -> t

make ?salt secret returns a new signer that will sign values with secret

Signing functions

`sign`

Sourceval sign : t -> string -> string

sign signer value signs the string value with signer

`unsign`

Sourceval unsign : t -> string -> string option

unsign signer value unsigns a signed string value with signer.Httpaf

To avoid time attacks, this function is constant time, it will iterate through all the characters of value, even if it is not the same.

On This Page

Constructors
1. make
Signing functions
1. sign
2. unsign