From 44d7da2da52b874847af4cd193764d73aa1ddd71 Mon Sep 17 00:00:00 2001
From: Andrea Sonny <andreasonny83@gmail.com>
Date: Wed, 15 Jun 2016 19:37:28 +0100
Subject: [PATCH] preparing v1.1.0

---
 CHANGELOG.md        |  35 +++++++++++++
 README.md           | 120 ++++++++++++++++++++++++--------------------
 bower.json          |   6 +--
 demo/index.html     |  18 +++----
 polymer-cookie.html |  26 +++++++---
 5 files changed, 128 insertions(+), 77 deletions(-)
 create mode 100644 CHANGELOG.md

diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..039b59f
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,35 @@
+# polymer-cookie Changelog
+
+## 1.1.0 - 2016.06.15
+
+*   introducing Domain
+*   introducing HttpOnly
+*   path and domain set as optional values
+*   minor code refactoring and documentation update
+
+## 1.0.4 - 2016.06.02
+
+*   minor code refactoring
+*   documentation updated
+*   cookie expiration time bug fixed when time is set to '-1'
+*   demo page introduced
+
+## 1.0.3 - 2016.02.12
+
+*   autoSet implementation
+*   fixes createCookie
+*   removes encodeURIComponent
+*   fixes readCookie declaration
+*   documentation updated
+
+## 0.1.2 - 2015.29.01
+
+*   Implemented reflectToAttribute capability
+
+## 0.1.1 - 2015.07.01
+
+*   first stable version
+
+## 0.1.0 - 2015.06.30
+
+*   initial commit
diff --git a/README.md b/README.md
index be57cc1..46ff980 100644
--- a/README.md
+++ b/README.md
@@ -1,9 +1,11 @@
 # polymer-cookie
 
-<img src="http://benschwarz.github.io/bower-badges/badge@2x.png" width="130" height="30">
+> Cookie Web Component for Polymer 1.x
 
 [![Bower version](https://badge.fury.io/bo/polymer-cookie.svg)](https://badge.fury.io/bo/polymer-cookie)
 
+![](http://benschwarz.github.io/bower-badges/badge@2x.png)
+
 Cookie Web Component for Polymer 1.0
 
 ```html
@@ -29,14 +31,14 @@ Note: The `params` attribute must be double quoted JSON.
 
 Add the library using the Javascript package manager [Bower](http://bower.io/):
 
-```
-bower install --save polymer-cookie
+```shell
+$ bower install --save polymer-cookie
 ```
 
 Or clone this repository inside your project folder using Git:
 
-```
-git clone https://github.com/andreasonny83/polymer-cookie.git
+```shell
+$ git clone https://github.com/andreasonny83/polymer-cookie.git
 ```
 
 ## Properties
@@ -44,6 +46,7 @@ git clone https://github.com/andreasonny83/polymer-cookie.git
 ### name
 
 Type: String
+
 Default value: 'polymer-cookie'
 
 Set the cookie name
@@ -51,6 +54,7 @@ Set the cookie name
 ### value
 
 type: String
+
 Default value: ''
 
 The cookie value
@@ -58,20 +62,32 @@ The cookie value
 ### path
 
 type: String
-Default value: '/'
 
-The cookie path
+Default value: ''
+
+The cookie path.
+
+The path must be absolute.
+If not specified, defaults to the current path of the current document location.
 
 ### domain
 
 type: String
+
 Default value: ''
 
-The cookie domain
+The cookie domain.
+
+(e.g., 'example.com' or 'subdomain.example.com').
+If not specified, defaults to the host portion of the current document location
+(but not including subdomains). Contrary to earlier specifications,
+leading dots in domain names are ignored. If a domain is specified,
+subdomains are always included.
 
 ### time
 
 type: Number
+
 Default value: 1
 
 The expiration time related to the 'format' value.
@@ -80,6 +96,7 @@ Set to -1 to never expire the cookie
 ### format
 
 type: String
+
 Default value: 'd'
 
 The expiration format time
@@ -89,9 +106,28 @@ The expiration format time
 *   'h' : hours
 *   'd' : days
 
+### secure
+
+type: Boolean
+
+Default value: false
+
+Cookie to only be transmitted over secure protocol as https
+
+### http-only
+
+type: Boolean
+
+Default value: false
+
+The HTTPOnly cookie attribute can help to mitigate this attack by
+preventing access to cookie value through Javascript. Read more about
+[Cookies and Security](https://www.nczonline.net/blog/2009/05/12/cookies-and-security/).
+
 ### auto-set
 
 type: Boolean
+
 Default value: false
 
 If set, creates the cookie as the element is rendered on the page without
@@ -103,7 +139,7 @@ the need of manually invoking createCookie
 
 Write the cookie
 
-```
+```js
 var cookie = Polymer.dom(document).querySelector('#user_cookie');
 cookie.createCookie();
 ```
@@ -112,7 +148,7 @@ cookie.createCookie();
 
 Read the cookie if any, and the returns its value
 
-```
+```js
 var cookie = Polymer.dom(document).querySelector('#user_cookie');
 var cookie_value = cookie.readCookie();
 ```
@@ -121,19 +157,19 @@ var cookie_value = cookie.readCookie();
 
 Destroy the cookie
 
-```
+```js
 var cookie = Polymer.dom(document).querySelector('#user_cookie');
 cookie.eraseCookie();
 ```
 
 ## Rendering in a demo page
 
-### Install Polymer CLI.
+### Install Polymer CLI
 
 Install the Polymer CLI to serve the demo locally with:
 
-```
-npm install -g polymer-cli
+```shell
+$ npm install -g polymer-cli
 ```
 
 ### Run the demo
@@ -142,8 +178,8 @@ To run the element demo:
 
 Run polymer serve from the repo directory:
 
-```
-polymer serve
+```shell
+$ polymer serve
 ```
 
 Then open localhost:8080/components/polymer-cookie/demo/ in your browser.
@@ -156,52 +192,26 @@ For more information about Polymer CLI have a look at the
 A special thanks to [Cameron](https://github.com/cameronwp)
 and [Pascal](https://github.com/MeTaNoV) for their contributions.
 
-1.   Fork it!
+1.  Fork it!
 2.  Create your feature branch: `git checkout -b my-new-feature`
-3. Commit your changes: `git commit -m 'Add some feature'`
+3.  Commit your changes: `git commit -m 'Add some feature'`
 4.  Push to the branch: `git push origin my-new-feature`
-5. Submit a pull request :D
+5.  Submit a pull request :D
 
+## Contributors
 
-## License
+A special thanks to our contributors:
 
-[MIT License](https://github.com/andreasonny83/polymer-cookie/blob/master/LICENSE) © Andrea SonnY
+*   [@cameronwp](https://github.com/cameronwp)
+*   [@MeTaNoV](https://github.com/MeTaNoV)
+*   [@ymahnovskyy](https://github.com/ymahnovskyy)
+*   [@web-padawan](https://github.com/web-padawan)
 
 ## Changelog
 
-### 1.0.4
-
-*   minor code refactoring
-*   documentation updated
-*   cookie expiration time bug fixed when time is set to '-1'
-*   demo page introduced
-
-2016.06.02
+Changelog available [here](https://github.com/andreasonny83/polymer-cookie/blob/master/CHANGELOG.md)
 
-### 1.0.3
-
-*   autoSet implementation
-*   fixes createCookie
-*   removes encodeURIComponent
-*   fixes readCookie declaration
-*   documentation updated
-
-2016.02.12
-
-### 0.1.2
-
-*   Implemented reflectToAttribute capability
-
-2015.29.01
-
-### 0.1.1
-
-*   first stable version
-
-2015.07.01
-
-### 0.1.0
-
-*   initial commit
+## License
 
-2015.06.30
+[MIT License](https://github.com/andreasonny83/polymer-cookie/blob/master/LICENSE)
+© Andrea SonnY
diff --git a/bower.json b/bower.json
index 3cc9131..d5c64bd 100644
--- a/bower.json
+++ b/bower.json
@@ -1,15 +1,15 @@
 {
   "name": "polymer-cookie",
-  "version": "1.0.4",
   "homepage": "https://github.com/andreasonny83/polymer-cookie",
   "authors": [
     "Andrea Sonny <andreasonny83@gmail.com>"
   ],
-  "description": "Cookie Web Component for Polymer 1.0",
+  "description": "Cookie Web Component for Polymer 1.x",
   "main": "polymer-cookie.html",
   "keywords": [
     "web-components",
-    "polymer"
+    "polymer",
+    "cookie"
   ],
   "license": "MIT",
   "ignore": [
diff --git a/demo/index.html b/demo/index.html
index 1affedb..69f4b7b 100644
--- a/demo/index.html
+++ b/demo/index.html
@@ -1,13 +1,8 @@
 <!doctype html>
 <html>
   <head>
+    <title>polymer-cookie demo page</title>
     <script src="../../webcomponentsjs/webcomponents-lite.js"></script>
-    <script>
-      /*
-      window.Polymer = window.Polymer || {};
-      window.Polymer.dom = 'shadow';
-      */
-    </script>
     <link rel="import" href="../polymer-cookie.html">
   </head>
   <body>
@@ -16,13 +11,12 @@ <h1>polymer-cookie</h1>
       id="test_cookie"
       name="test_cookie"
       value="hello world"
-      time="3"
-      auto-set
-      format="s">
+      time="10"
+      format="s"
+      auto-set>
     </polymer-cookie>
 
-    <p>
-      Open your browser's code inspector to see the cookie status
-    </p>
+    <p>Open your browser's code inspector to see the cookie status.</p>
+    <p>This 'test_cookie' will expire in 10 seconds.</p>
   </body>
 </html>
diff --git a/polymer-cookie.html b/polymer-cookie.html
index db302d1..7e118f5 100644
--- a/polymer-cookie.html
+++ b/polymer-cookie.html
@@ -74,7 +74,7 @@
          */
         path: {
           type: String,
-          value: '/',
+          value: '',
           reflectToAttribute: true
         },
 
@@ -117,6 +117,17 @@
           reflectToAttribute: true
         },
 
+        /**
+         * HttpOnly
+         *
+         * @type [Boolean]
+         */
+        httpOnly: {
+          type: Boolean,
+          value: false,
+          reflectToAttribute: true
+        },
+
         /**
          * Create the cookie automatically as the element is rendered on the DOM
          * @type [Boolean]
@@ -160,14 +171,15 @@
 
         expires = this.time === -1 ? FOREVER : date.toUTCString();
 
-        return (document.cookie = [
+        document.cookie = [
           this.name, '=', this.value,
-          '; expires=' + expires,
-          this.path && '; path=' + this.path,
-          this.domain && "; domain=" + this.domain,
-          this.secure ? '; secure' : '',
+          ';expires=' + expires,
+          !!this.path && ';path=' + this.path,
+          !!this.domain && ";domain=" + this.domain,
+          this.secure ? ';secure' : '',
+          this.httpOnly ? ';HttpOnly' : '',
           ';'
-        ].join(''));
+        ].join('');
       },
 
       /**