Send a cookie.
- Note:
- Setting a cookie will cause the response not to be cached by proxies and peer browsers, as required by RFC 2109.
- See also:
- RFC 2109 - HTTP State Management Mechanism
The user agent (possibly under the user's control) may determine what level of security it considers appropriate for secure cookies. The Secure attribute should be considered security advice from the server to the user agent, indicating that it is in the session's interest to protect the cookie contents.
- Parameters:
name (string) - Required. The name of the state information (cookie). Names that begin with $ are reserved for other uses and must not be used by applications.
value (string) - Opaque to the user agent and may be anything the origin server chooses to send, possibly in a server-selected printable ASCII encoding. Opaque implies that the content is of interest and relevance only to the origin server. The content may, in fact, be readable by anyone that examines the Set-Cookie header.
comment (string) - Optional. Because cookies can contain private information about a user, the Comment attribute allows an origin server to document its intended use of a cookie. The user can inspect the information to decide whether to initiate or continue a session with this cookie.
domain (string) - Optional. The Domain attribute specifies the domain for which the cookie is valid. An explicitly specified domain must always start with a dot.
path (string) - Optional. The Path attribute specifies the subset of URLs to which this cookie applies.
secure (bool) - Optional. The Secure attribute directs the user agent to use only (unspecified) secure means to contact the origin server whenever it sends back this cookie.
version (int) - Optional. The Version attribute, a decimal integer, identifies to which version of the state management specification the cookie conforms. For the RFC 2109 specification, Version=1 applies. If not specified, this will be set to 1.
max_age (int) - The value of the Max-Age attribute is delta-seconds, the lifetime of the cookie in seconds, a decimal non-negative integer. To handle cached cookies correctly, a client should calculate the age of the cookie according to the age calculation rules in the HTTP/1.1 specification. When the age is greater than delta-seconds seconds, the client should discard the cookie. A value of zero means the cookie should be discarded immediately (not when the browser closes, but really immediately).
http_only (bool) - When True the cookie will be made accessible only through the HTTP protocol. This means that the cookie won't be accessible by scripting languages, such as JavaScript. This setting can effectively help to reduce identity theft through XSS attacks (although it is not supported by all browsers).
- Returns: None
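
The parameter rules above, as an added example that is not this library's own code: `build_set_cookie` and `attributes` are hypothetical helpers built on Python's standard `http.cookies` module, and the cookie name, value and domain are constructed sample values.

```python
from http.cookies import SimpleCookie


def build_set_cookie(name, value, comment=None, domain=None, path=None,
                     secure=False, version=1, max_age=None, http_only=False):
    """Hypothetical helper (not the documented function): enforce the
    parameter rules above and return the Set-Cookie header value."""
    if not name or name.startswith("$"):
        raise ValueError("names beginning with '$' are reserved")
    if domain is not None and not domain.startswith("."):
        raise ValueError("an explicit domain must start with a dot")
    if max_age is not None:
        # delta-seconds: a non-negative decimal integer (bool is rejected)
        if (isinstance(max_age, bool) or not isinstance(max_age, int)
                or max_age < 0):
            raise ValueError("max_age must be a non-negative integer")

    jar = SimpleCookie()
    jar[name] = value                 # quoted by SimpleCookie when needed
    morsel = jar[name]
    morsel["version"] = version       # RFC 2109 cookies use Version=1
    if comment is not None:
        morsel["comment"] = comment
    if domain is not None:
        morsel["domain"] = domain
    if path is not None:
        morsel["path"] = path
    if max_age is not None:
        morsel["max-age"] = max_age   # 0 means "discard immediately"
    if secure:
        morsel["secure"] = True       # sent back only over secure means
    if http_only:
        morsel["httponly"] = True     # hidden from scripts such as JavaScript
    return morsel.OutputString()


def attributes(header):
    """Split a Set-Cookie value into its ';'-separated parts."""
    return [part.strip() for part in header.split(";")]


if __name__ == "__main__":
    # Constructed sample: the value is an opaque session id, because the
    # header itself is readable by anyone who can examine it.
    print(build_set_cookie("sid", "k3Jq9xT0", domain=".example.com",
                           path="/app", secure=True, max_age=3600,
                           http_only=True))
```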