[Ur] Encrypted cookies or hashed values
Taru Karttunen
taruti at taruti.net
Wed Jan 4 05:12:37 EST 2012
Hello
I created a small library[1] for captchas and am trying to set secret
values in cookies. Are there either seeded hash functions or encrypted
cookies available?
My thinking of a workflow is:
1) Signup form includes an <img src={url (myImg ())}/>
2) fun myImg () =
c <- Captcha.create ();
setCookie cc { Value = { Txt=cryptoOrSeededHash (Captcha.txt c) }, Secure = False, Expires = None };
returnBlob (Captcha.gif c) (blessMime "image/gif")
3) safeGet + allowMime
4) Upon form submission check that the value in the cookie matches
the one in the submitted form.
Or is there a better way to do this? I'd like to avoid saving the values
in the database.
[1] https://bitbucket.org/taruti/urcaptcha
- Taru Karttunen
More information about the Ur
mailing list