artirix-cacheable-csrf-token-rails 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: b4bae3ba6901d26848fd4c1036d9287e019450d1
4
+ data.tar.gz: 5790ce6995354510363850f0009d45f23950def2
5
+ SHA512:
6
+ metadata.gz: 1a18a8c15c4fbb1dd686fc7a8ff5d0939e532494c767c31ead75b5d32ca07f1e158c2f038a9111c0cab95eb1de6e564ea4539dbbc7101fa042debf835900e4f5
7
+ data.tar.gz: d8930a052dcc39d41628c48ac0d9c4e710b5fa14cabd9a791a2b5236fd9b9132056c10c3c2c5694d36f2ddf397377f35a4acfa606bb9edc8e413ff701394ef93
@@ -0,0 +1,16 @@
1
+ # Cacheable CSRF Token for Rails
2
+
3
+ ### Cache HTML containing CSRF protection tokens without worrying
4
+
5
+ CacheableCSRFToken allows you to easily cache Ruby on Rails pages or partials containing a CSRF protection token. The user-specific token will inserted in the HTML before the response is sent to the user.
6
+
7
+ ### Compatibility
8
+
9
+ Rails 4 and above
10
+
11
+
12
+ #### Usage
13
+
14
+ 1. Add `cacheable-csrf-token-rails` to your Gemfile
15
+ 2. Add this line in ApplicationController:
16
+ `include CacheableCSRFTokenRails`
@@ -0,0 +1,47 @@
1
+ # Inspired from http://www.jarrodspillers.com/2010/02/06/trying-to-use-rails-csrf-protection-on-cached-actions-rack-middleware-to-the-rescue/ and https://gist.github.com/1124982/632f1fcbe0981424128b3088ddb27a322c369cc1
2
+ # Extended https://github.com/cmer/cacheable-csrf-token-rails
3
+
4
+ module CacheableCSRFTokenRails
5
+ def self.included(base)
6
+
7
+ ApplicationController.const_set "TOKEN_PLACEHOLDER", "__CROSS_SITE_REQUEST_FORGERY_PROTECTION_TOKEN__"
8
+ base.class_eval do
9
+ after_filter :inject_csrf_token
10
+
11
+ private
12
+ def inject_csrf_token
13
+ if protect_against_forgery? && token = form_authenticity_token
14
+ if body_with_token = response.body.gsub!(ApplicationController::TOKEN_PLACEHOLDER, token)
15
+ response.body = body_with_token
16
+ end
17
+ end
18
+ end
19
+ end
20
+
21
+ token_tag_helper = (Rails::VERSION::MAJOR >= 4) ? ActionView::Helpers::UrlHelper : ActionView::Helpers::FormTagHelper
22
+
23
+ token_tag_helper.class_eval do
24
+ alias_method :token_tag_rails, :token_tag
25
+
26
+ def token_tag(token=nil)
27
+ if token != false && protect_against_forgery?
28
+ tag(:input, :type => "hidden", :name => request_forgery_protection_token.to_s, :value => ApplicationController::TOKEN_PLACEHOLDER)
29
+ else
30
+ ''
31
+ end
32
+ end
33
+ end
34
+
35
+ ActionView::Helpers::CsrfHelper.class_eval do
36
+ def csrf_meta_tags
37
+ if protect_against_forgery?
38
+ [
39
+ tag('meta', :name => 'csrf-param', :content => request_forgery_protection_token),
40
+ tag('meta', :name => 'csrf-token', :content => ApplicationController::TOKEN_PLACEHOLDER)
41
+ ].join("\n").html_safe
42
+ end
43
+ end
44
+ end
45
+
46
+ end # included
47
+ end
metadata ADDED
@@ -0,0 +1,62 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: artirix-cacheable-csrf-token-rails
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.3.1
5
+ platform: ruby
6
+ authors:
7
+ - Faheem Mughal
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2015-07-31 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rails
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: 3.2.5
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: 3.2.5
27
+ description: CacheableCSRFToken allows you to easily cache Ruby on Rails pages or
28
+ partials containing a CSRF protection token. The user-specific token will inserted
29
+ in the HTML before the response is sent to the user.
30
+ email:
31
+ - faheem@gmail.com
32
+ executables: []
33
+ extensions: []
34
+ extra_rdoc_files: []
35
+ files:
36
+ - README.md
37
+ - lib/cacheable-csrf-token-rails.rb
38
+ homepage: https://github.com/faheemmughal/cacheable-csrf-token-rails
39
+ licenses: []
40
+ metadata: {}
41
+ post_install_message:
42
+ rdoc_options: []
43
+ require_paths:
44
+ - lib
45
+ required_ruby_version: !ruby/object:Gem::Requirement
46
+ requirements:
47
+ - - ">="
48
+ - !ruby/object:Gem::Version
49
+ version: '0'
50
+ required_rubygems_version: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ requirements: []
56
+ rubyforge_project:
57
+ rubygems_version: 2.2.3
58
+ signing_key:
59
+ specification_version: 4
60
+ summary: Cache HTML containing CSRF protection tokens without worrying
61
+ test_files: []
62
+ has_rdoc: