mention base64 encoding

mojolicious · Nov 3, 2012 · 9c0b1b3 · 9c0b1b3
1 parent 398d590
commit 9c0b1b3
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 6 deletions.
diff --git a/lib/Mojolicious/Controller.pm b/lib/Mojolicious/Controller.pm
@@ -842,8 +842,8 @@ timeout, which usually defaults to C<15> seconds.
   $c          = $c->session(foo => 'bar');
 
 Persistent data storage, all session data gets serialized with L<Mojo::JSON>
-and stored in C<HMAC-SHA1> signed cookies. Note that cookies usually have a
-4096 byte limit, depending on browser.
+and stored C<Base64> encoded in C<HMAC-SHA1> signed cookies. Note that cookies
+usually have a 4096 byte limit, depending on browser.
 
   # Manipulate session
   $c->session->{foo} = 'bar';

diff --git a/lib/Mojolicious/Guides/Growing.pod b/lib/Mojolicious/Guides/Growing.pod
@@ -112,8 +112,9 @@ ids were exchanged between browser and web server in the form of cookies.
   Set-Cookie: session=hmac-sha1(base64(json($session)))
 
 In L<Mojolicious> however we are taking this concept one step further by
-storing everything in C<HMAC-SHA1> signed cookies, which is more compatible
-with the REST philosophy and reduces infrastructure requirements.
+storing everything C<JSON> serialized and C<Base64> encoded in C<HMAC-SHA1>
+signed cookies, which is more compatible with the REST philosophy and reduces
+infrastructure requirements.
 
 =head2 Test Driven Development
 

diff --git a/lib/Mojolicious/Sessions.pm b/lib/Mojolicious/Sessions.pm
@@ -85,8 +85,9 @@ Mojolicious::Sessions - Signed cookie based session manager
 =head1 DESCRIPTION
 
 L<Mojolicious::Sessions> manages simple signed cookie based sessions for
-L<Mojolicious>. All data gets serialized with L<Mojo::JSON> and stored on the
-client-side, but is protected from unwanted changes with a signature.
+L<Mojolicious>. All data gets serialized with L<Mojo::JSON> and stored
+C<Base64> encoded on the client-side, but is protected from unwanted changes
+with a C<HMAC-SHA1> signature.
 
 =head1 ATTRIBUTES