aboutsummaryrefslogtreecommitdiff
path: root/sessions.go
diff options
context:
space:
mode:
Diffstat (limited to 'sessions.go')
-rw-r--r--sessions.go8
1 files changed, 7 insertions, 1 deletions
diff --git a/sessions.go b/sessions.go
index a4d019d..115f3ab 100644
--- a/sessions.go
+++ b/sessions.go
@@ -45,7 +45,10 @@ func NewSession(store Store, name string) *Session {
// Session stores the values and optional configuration for a session.
type Session struct {
- ID string
+ // The ID of the session, generated by stores. It should not be used for
+ // user data.
+ ID string
+ // Values contains the user-data for the session.
Values map[interface{}]interface{}
Options *Options
IsNew bool
@@ -139,6 +142,9 @@ type Registry struct {
//
// It returns a new session if there are no sessions registered for the name.
func (s *Registry) Get(store Store, name string) (session *Session, err error) {
+ if !isCookieNameValid(name) {
+ return nil, fmt.Errorf("sessions: invalid character in cookie name: %s", name)
+ }
if info, ok := s.sessions[name]; ok {
session, err = info.s, info.e
} else {