Respect the domain for the session cookie. This fixes #79

2010-07-06 10:42:36 +02:00 · 2010-07-06 10:42:36 +02:00 · da514b3984
commit da514b3984
parent 56796f0f43
2 changed files with 19 additions and 2 deletions
--- a/tests/flask_tests.py
+++ b/tests/flask_tests.py
@ -172,6 +172,20 @@ class BasicFunctionalityTestCase(unittest.TestCase):
        assert c.post('/set', data={'value': '42'}).data == 'value set'
        assert c.get('/get').data == '42'

+    def test_session_using_server_name(self):
+        app = flask.Flask(__name__)
+        app.config.update(
+            SECRET_KEY='foo',
+            SERVER_NAME='example.com'
+        )
+        @app.route('/')
+        def index():
+            flask.session['testing'] = 42
+            return 'Hello World'
+        rv = app.test_client().get('/', 'http://example.com/')
+        assert 'domain=.example.com' in rv.headers['set-cookie'].lower()
+        assert 'httponly' in rv.headers['set-cookie'].lower()
+
    def test_missing_session(self):
        app = flask.Flask(__name__)
        def expect_exception(f, *args, **kwargs):