From 771d568720c05ee4d2e38dff356b4b716834cde5 Mon Sep 17 00:00:00 2001 From: Florian Margaine Date: Sun, 3 May 2015 14:06:30 +0200 Subject: [PATCH] Copy to docstring to documentation Since the docstring can be overwritten by the documentation, it must be fully verbatim. --- doc/index.xml | 11 ++++++++++- www/hunchentoot-doc.html | 11 ++++++++++- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/doc/index.xml b/doc/index.xml index a8c88f3..6734dca 100644 --- a/doc/index.xml +++ b/doc/index.xml @@ -2579,7 +2579,16 @@ cookie - Regenerates the session cookie value. + Regenerates the session cookie value. This should be used + when a user logs in according to the application to prevent + against session fixation attacks. The cookie value being + dependent on ID, USER-AGENT, REMOTE-ADDR, START, and + *SESSION-SECRET*, the only value we can change is START to + regenerate a new value. Since we're generating a new cookie, + it makes sense to have the session being restarted, in + time. That said, because of this fact, calling this function + twice in the same second will regenerate twice the same + value. diff --git a/www/hunchentoot-doc.html b/www/hunchentoot-doc.html index 20ca1df..a6f7a16 100644 --- a/www/hunchentoot-doc.html +++ b/www/hunchentoot-doc.html @@ -2474,7 +2474,16 @@ => cookie
- Regenerates the session cookie value. + Regenerates the session cookie value. This should be used + when a user logs in according to the application to prevent + against session fixation attacks. The cookie value being + dependent on ID, USER-AGENT, REMOTE-ADDR, START, and + *SESSION-SECRET*, the only value we can change is START to + regenerate a new value. Since we're generating a new cookie, + it makes sense to have the session being restarted, in + time. That said, because of this fact, calling this function + twice in the same second will regenerate twice the same + value.

-- 2.11.4.GIT