var commitSession = function(env, jsgiResponse, key, secret){ var session = env["jsgi.session"]; if (!session) return jsgiResponse; var sessionData = JSON.stringify(session); var digest = sha.hash(sessionData + secret).decodeToString(64); // do not serialize if the session is not dirty. if (digest == env["jsgi.session.digest"]) return jsgiResponse; sessionData = sessionData + "--" + digest; if (sessionData.length > 4096) { env["jsgi.errors"] += "Session Cookie data size exceeds 4k! Content dropped"; return jsgiResponse; } var options = env["jsgi.session.options"]; var cookie = { value: sessionData }; if (options["expires_after"]) cookie.expires = new Date() + options["expires_after"]; var response = new Response(jsgiResponse.status, jsgiResponse.headers, jsgiResponse.body); response.setCookie(key, cookie); return response; }