canvas_lti_third_party_cookies 0.3.1 → 0.3.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 890865e3f76d11ffcb3c1e203b7b507c068127b0b2cba1455fdf0fa558ef96f8
4
- data.tar.gz: 197439ea71f9dd99b21235358022f7c324f86fdec4e03ce93c7f28201dfc2d83
3
+ metadata.gz: 88651b27e16e286cfe593e4f91b928d66163a4a323190d147bda3cc111e58cb4
4
+ data.tar.gz: 2bbceb40ea00ab911683641f0d75d098cb6d42dc9b86cfbec7ea9bb500d14896
5
5
  SHA512:
6
- metadata.gz: 8c7001cbfb01825b8a475ed48f15cfdd3e962ce5fcda789f1a211a1445c5d75e8f171982a7e7c4ed954e43a22f393f781be9a9e15fbfee97122e7f8438cac9d6
7
- data.tar.gz: 8a4a17fc88a70d26b57ea6862bdbd9f71bd2ec21cfa548e42868d4dec3167be6d24471c29ed346e03dfa8900ff6b4e08849084519160ce8f78f5a8a927bd59b5
6
+ metadata.gz: 6a55ede6d719896ae4f19cd040a8e214ce40467bc2dcd11eaed07051adbfea8ccff5bf8cd6a445a25067d875e6d7cccd75872357d7474b508209481a0c24b781
7
+ data.tar.gz: 7f9dd1dee1fc2f99e1b85c17c0ed3b0b14fe6861399f11351110ddbf48242e7a027a7c83534a028e144bf652f3a8fec29a80406d7c7dd795f23c64e5c149146e
@@ -18,9 +18,7 @@ module CanvasLtiThirdPartyCookies::SafariLaunch
18
18
  # handle_safari_launch(launch_url: action_url, launch_params: { foo: bar }, launch_data: { foo: baz })
19
19
  # }
20
20
  def handle_safari_launch(launch_url:, launch_params: {}, launch_data: {})
21
- browser = Browser.new(request.headers["User-Agent"])
22
- # detect both MacOS and iOS Safari
23
- return unless browser.safari? || (browser.webkit? && browser.platform.ios?)
21
+ return unless is_safari?
24
22
 
25
23
  # Safari launch #4: Storage Access has been granted,
26
24
  # so launch the app normally. Note that this is not an actual LTI launch, but
@@ -59,11 +57,17 @@ module CanvasLtiThirdPartyCookies::SafariLaunch
59
57
  # replay attacks, but for this specific situation (the request is an internal redirect)
60
58
  # it's a sufficient hack.
61
59
  def should_ignore_nonce?
62
- params[:storage_access_status] == "granted" && URI.parse(request.referer).host == request.host
60
+ is_safari? && params[:storage_access_status] == "granted" && URI.parse(request.referer).host == request.host
63
61
  end
64
62
 
65
63
  private
66
64
 
65
+ def is_safari?
66
+ browser = Browser.new(request.headers["User-Agent"])
67
+ # detect both MacOS and iOS Safari
68
+ browser.safari? || (browser.webkit? && browser.platform.ios?)
69
+ end
70
+
67
71
  def relaunch_url(launch_url, launch_params)
68
72
  return launch_url if launch_params.empty?
69
73
  "#{launch_url}?#{launch_params.to_query}"
@@ -1,3 +1,3 @@
1
1
  module CanvasLtiThirdPartyCookies
2
- VERSION = '0.3.1'
2
+ VERSION = '0.3.2'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: canvas_lti_third_party_cookies
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.1
4
+ version: 0.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Xander Moffatt
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-03 00:00:00.000000000 Z
11
+ date: 2021-03-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails