From 2d067ac08101b10e9622d741a12a92c89fac5693 Mon Sep 17 00:00:00 2001
From: Gerasimos Maropoulos <makis@ideopod.com>
Date: Thu, 18 Aug 2016 03:20:59 +0300
Subject: [PATCH] Update to 4.1.1 - Able to set Sessions.CookieLength. Read
 HISTORY.md

https://github.com/kataras/iris/blob/master/HISTORY.md
---
 HISTORY.md         |  5 +++--
 README.md          |  6 +++---
 config/sessions.go |  6 ++++++
 context.go         | 19 +++++++++++++++++--
 iris.go            |  2 +-
 sessions.go        | 11 +++++++++--
 6 files changed, 39 insertions(+), 10 deletions(-)

diff --git a/HISTORY.md b/HISTORY.md
index 84e4da0f..37e029f5 100644
--- a/HISTORY.md
+++ b/HISTORY.md
@@ -2,11 +2,12 @@
 
 **How to upgrade**: remove your `$GOPATH/src/github.com/kataras/iris` folder, open your command-line and execute this command: `go get -u github.com/kataras/iris/iris`.
 
-## 4.0.0 -> 4.1.0
+## 4.0.0 -> 4.1.1
 
 - **NEW FEATURE**: Basic remote control through SSH, example [here](https://github.com/iris-contrib/examples/blob/master/ssh/main.go)
 - **NEW FEATURE**: Optionally `OnError` foreach Party (by prefix, use it with your own risk), example [here](https://github.com/iris-contrib/examples/blob/master/httperrors/main.go#L37)
-- **FIX**: Sessions + SetFlash on same handler strange behavior[*](https://github.com/kataras/iris/issues/351)
+- **NEW**: `iris.Config.Sessions.CookieLength`, You're able to customize the length of each sessionid's cookie's value. Default (and previous' implementation) is 32.
+- **FIX**: Websocket panic on non-websocket connection[*](https://github.com/kataras/iris/issues/367)
 - **FIX**: Multi websocket servers client-side source route panic[*](https://github.com/kataras/iris/issues/365)
 - Better gzip response managment
 
diff --git a/README.md b/README.md
index 06964679..f92e85ea 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@
 
 <a href="https://github.com/kataras/iris/blob/master/LICENSE"><img src="https://img.shields.io/badge/%20license-MIT%20%20License%20-E91E63.svg?style=flat-square" alt="License"></a>
 
-<a href="https://github.com/kataras/iris/releases"><img src="https://img.shields.io/badge/%20release%20-%20v4.1.0%20-blue.svg?style=flat-square" alt="Releases"></a>
+<a href="https://github.com/kataras/iris/releases"><img src="https://img.shields.io/badge/%20release%20-%20v4.1.1%20-blue.svg?style=flat-square" alt="Releases"></a>
 
 <a href="https://www.gitbook.com/book/kataras/iris/details"><img src="https://img.shields.io/badge/%20docs-reference-5272B4.svg?style=flat-square" alt="Practical Guide/Docs"></a><br/>
 
@@ -144,7 +144,7 @@ I recommend writing your API tests using this new library, [httpexpect](https://
 Versioning
 ------------
 
-Current: **v4.1.0**
+Current: **v4.1.1**
 
 >  Iris is an active project
 
@@ -179,7 +179,7 @@ License can be found [here](LICENSE).
 [Travis]: http://travis-ci.org/kataras/iris
 [License Widget]: https://img.shields.io/badge/license-MIT%20%20License%20-E91E63.svg?style=flat-square
 [License]: https://github.com/kataras/iris/blob/master/LICENSE
-[Release Widget]: https://img.shields.io/badge/release-v4.1.0-blue.svg?style=flat-square
+[Release Widget]: https://img.shields.io/badge/release-v4.1.1-blue.svg?style=flat-square
 [Release]: https://github.com/kataras/iris/releases
 [Chat Widget]: https://img.shields.io/badge/community-chat-00BCD4.svg?style=flat-square
 [Chat]: https://kataras.rocket.chat/channel/iris
diff --git a/config/sessions.go b/config/sessions.go
index c9894f42..1e80c2c3 100644
--- a/config/sessions.go
+++ b/config/sessions.go
@@ -17,6 +17,8 @@ const (
 	DefaultCookieName = "irissessionid"
 	// DefaultSessionGcDuration  is the default Session Manager's GCDuration , which is 2 hours
 	DefaultSessionGcDuration = time.Duration(2) * time.Hour
+	// DefaultCookieLength is the default Session Manager's CookieLength, which is 32
+	DefaultCookieLength = 32
 )
 
 type (
@@ -31,6 +33,9 @@ type (
 	Sessions struct {
 		// Cookie string, the session's client cookie name, for example: "irissessionid"
 		Cookie string
+		// CookieLength the length of the sessionid's cookie's value, let it to 0 if you don't want to change it
+		// Defaults to 32
+		CookieLength int
 		// DecodeCookie set it to true to decode the cookie key with base64 URLEncoding
 		// Defaults to false
 		DecodeCookie bool
@@ -57,6 +62,7 @@ type (
 func DefaultSessions() Sessions {
 	return Sessions{
 		Cookie:                      DefaultCookieName,
+		CookieLength:                DefaultCookieLength,
 		DecodeCookie:                false,
 		Expires:                     0,
 		GcDuration:                  DefaultSessionGcDuration,
diff --git a/context.go b/context.go
index 8dfcd8bb..4bc33747 100644
--- a/context.go
+++ b/context.go
@@ -232,13 +232,14 @@ func (ctx *Context) VirtualHostname() string {
 // PathString returns the full escaped path as string
 // for unescaped use: ctx.RequestCtx.RequestURI() or RequestPath(escape bool)
 func (ctx *Context) PathString() string {
-	return ctx.RequestPath(true)
+	return ctx.RequestPath(!ctx.framework.Config.DisablePathEscape)
 }
 
 // RequestPath returns the requested path
 func (ctx *Context) RequestPath(escape bool) string {
 	if escape {
-		return utils.BytesToString(ctx.RequestCtx.Path())
+		//	return utils.BytesToString(ctx.RequestCtx.Path())
+		return utils.BytesToString(ctx.RequestCtx.URI().PathOriginal())
 	}
 	return utils.BytesToString(ctx.RequestCtx.RequestURI())
 }
@@ -462,6 +463,20 @@ func (ctx *Context) Redirect(urlToRedirect string, statusHeader ...int) {
 		httpStatus = statusHeader[0]
 	}
 	ctx.RequestCtx.Redirect(urlToRedirect, httpStatus)
+
+	/* you can use one of these if you want to customize the redirection:
+		1.
+			u := fasthttp.AcquireURI()
+			ctx.URI().CopyTo(u)
+			u.Update(urlToRedirect)
+			ctx.SetHeader("Location", string(u.FullURI()))
+			fasthttp.ReleaseURI(u)
+			ctx.SetStatusCode(httpStatus)
+	2.
+			ctx.SetHeader("Location", urlToRedirect)
+			ctx.SetStatusCode(httpStatus)
+	*/
+
 	ctx.StopExecution()
 }
 
diff --git a/iris.go b/iris.go
index cea09385..ec5db64e 100644
--- a/iris.go
+++ b/iris.go
@@ -85,7 +85,7 @@ import (
 
 const (
 	// Version of the iris
-	Version = "4.1.0"
+	Version = "4.1.1"
 
 	banner = `         _____      _
         |_   _|    (_)
diff --git a/sessions.go b/sessions.go
index 343c6d34..546e6cdd 100644
--- a/sessions.go
+++ b/sessions.go
@@ -54,10 +54,13 @@ func (s *session) ID() string {
 
 // Get returns the value of an entry by its key
 func (s *session) Get(key string) interface{} {
-	s.provider.update(s.sid)
+	s.mu.Lock() // for any-case.
 	if value, found := s.values[key]; found {
+		s.mu.Unlock()
+		s.provider.update(s.sid)
 		return value
 	}
+	s.mu.Unlock()
 	return nil
 }
 
@@ -280,6 +283,10 @@ func newSessionsManager(c *config.Sessions) *sessionsManager {
 		// get the real value for your tests by:
 		//sessIdKey := url.QueryEscape(base64.URLEncoding.EncodeToString([]byte(iris.Config.Sessions.Cookie)))
 	}
+	if c.CookieLength <= 0 {
+		c.CookieLength = config.DefaultCookieLength
+	}
+
 	manager := &sessionsManager{config: c, provider: &sessionProvider{list: list.New(), sessions: make(map[string]*list.Element, 0), databases: make([]SessionDatabase, 0), expires: c.Expires}}
 	//run the GC here
 	go manager.gc()
@@ -292,7 +299,7 @@ func (m *sessionsManager) registerDatabase(db SessionDatabase) {
 }
 
 func (m *sessionsManager) generateSessionID() string {
-	return base64.URLEncoding.EncodeToString(utils.Random(32))
+	return base64.URLEncoding.EncodeToString(utils.Random(m.config.CookieLength))
 }
 
 func domainCanPersistence(requestDomain string) bool {