Respect the domain for the session cookie. This fixes #79

2010-07-06 10:42:36 +02:00 · 2010-07-06 10:42:36 +02:00 · da514b3984
commit da514b3984
parent 56796f0f43
2 changed files with 19 additions and 2 deletions
--- a/flask/app.py
+++ b/flask/app.py
@ -420,11 +420,14 @@ class Flask(_PackageBoundObject):
                        object)
        :param response: an instance of :attr:`response_class`
        """
-        expires = None
+        expires = domain = None
        if session.permanent:
            expires = datetime.utcnow() + self.permanent_session_lifetime
+        if self.config['SERVER_NAME'] is not None:
+            domain = '.' + self.config['SERVER_NAME']
        session.save_cookie(response, self.session_cookie_name,
-                            expires=expires, httponly=True)
+                            expires=expires, httponly=True,
+                            domain=domain)

    def register_module(self, module, **options):
        """Registers a module with this application.  The keyword argument