Add a better check for domain persistance on sessions - add the community members names who helped on website & logo on README

.gitignore

@@ -1,3 +1,4 @@
+IrisProject.komodoproject
 .project
 .idea
 .git

README.md

@@ -58,9 +58,12 @@ If you'd like to discuss this package, or ask questions about it, feel free to
  * Post an issue or  idea [here](https://github.com/kataras/iris/issues).
  * [Chat][Chat].
 
-Iris takes very seriously your opinion,
 
-- [Contribute: New website and logo for Iris](https://github.com/kataras/iris/issues/153)
+New website-docs & logo have been designed by the community[*](https://github.com/kataras/iris/issues/153)
+
+- Website created by [@kujtimiihoxha](https://github.com/kujtimiihoxha) 
+- Logo designed by [@OneebMalik](https://github.com/OneebMalik)
+
 
 Features
 ------------

context.go

@@ -569,6 +569,7 @@ func (ctx *Context) TemplateString(name string, binding interface{}, options ...
 // HTML writes html string with a http status
 func (ctx *Context) HTML(status int, htmlContents string) {
 	if err := ctx.RenderWithStatus(status, contentHTML, htmlContents); err != nil {
+		// if no response engine found for text/html
 		ctx.SetContentType(contentHTML + "; charset=" + ctx.framework.Config.Charset)
 		ctx.RequestCtx.SetStatusCode(status)
 		ctx.RequestCtx.WriteString(htmlContents)

sessions.go

@@ -3,6 +3,7 @@ package iris
 import (
 	"container/list"
 	"encoding/base64"
+	"strconv"
 	"strings"
 	"sync"
 	"time"
@@ -294,6 +295,34 @@ func (m *sessionsManager) generateSessionID() string {
 	return base64.URLEncoding.EncodeToString(utils.Random(32))
 }
 
+func domainCanPersistence(requestDomain string) bool {
+	if requestDomain == "0.0.0.0" || requestDomain == "127.0.0.1" {
+		// for these type of hosts, we can't allow subdomains persistance,
+		// the web browser doesn't understand the mysubdomain.0.0.0.0 and mysubdomain.127.0.0.1 mysubdomain.32.196.56.181. as scorrectly ubdomains because of the many dots
+		// so don't set a cookie domain here, let browser handle this
+		return false
+	}
+
+	dotLen := strings.Count(requestDomain, ".")
+	if dotLen == 0 {
+		// we don't have a domain, maybe something like 'localhost', browser doesn't see the .localhost as wildcard subdomain+domain
+		return false
+	}
+	if dotLen >= 3 {
+		if lastDotIdx := strings.LastIndexByte(requestDomain, '.'); lastDotIdx != -1 {
+			// chekc the last part, if it's number then propably it's ip
+			if len(requestDomain) > lastDotIdx+1 {
+				_, err := strconv.Atoi(requestDomain[lastDotIdx+1:])
+				if err == nil {
+					return false
+				}
+			}
+		}
+	}
+
+	return true
+}
+
 // Start starts the session
 func (m *sessionsManager) start(ctx *Context) *session {
 	var session *session
@@ -313,13 +342,7 @@ func (m *sessionsManager) start(ctx *Context) *session {
 			if portIdx := strings.IndexByte(requestDomain, ':'); portIdx > 0 {
 				requestDomain = requestDomain[0:portIdx]
 			}
-
-			if requestDomain == "0.0.0.0" || requestDomain == "127.0.0.1" {
-				// for these type of hosts, we can't allow subdomains persistance,
-				// the web browser doesn't understand the mysubdomain.0.0.0.0 and mysubdomain.127.0.0.1 as scorrectly ubdomains because of the many dots
-				// so don't set a domain here
-
-			} else if strings.Count(requestDomain, ".") > 0 { // there is a problem with .localhost setted as the domain, so we check that first
+			if domainCanPersistence(requestDomain) {
 
 				// RFC2109, we allow level 1 subdomains, but no further
 				// if we have localhost.com , we want the localhost.com.