galakei 0.4.1 → 0.5.0

data/lib/galakei/request.rb

@@ -15,10 +15,6 @@ module Galakei
       /^(SoftBank|Vodafone)/ =~ user_agent
     end
 
-    def cookies?
-      !imode_browser_1_0?
-    end
-
     def imode_browser_1_0?
       if /docomo(.*\((.*;)?c(\d+)\;)?/i =~ user_agent
         $3.to_i < 500

data/lib/galakei/session_id_parameter/in_form.rb

@@ -3,25 +3,30 @@
 # that the session id parameter is properly injected into forms.
 module Galakei::SessionIdParameter::InForm
   def extra_tags_for_form(html_options)
-    s = super
-    if !request.cookies? && html_options["method"] == "get"
-      s << session_input_tag
-    end
-    s
+    return super unless html_options["method"] == :get
+    session_id = extract_session_id!(html_options["action"])
+    session_id.blank? ? super : super << session_input_tag(session_id)
   end
 
   def button_to(name, options = {}, html_options = {})
-    s = super
-    if !request.cookies? && html_options[:method] == :get
-      s.sub!("</form>",session_input_tag + "</form>".html_safe)
-    end
-    s
+    return super unless html_options[:method] == :get
+    url = (options.is_a?(String) ? options : url_for(options))
+    session_id = extract_session_id!(url)
+    return super if session_id.blank?
+    s = super(name, url, html_options)
+    s.sub!("</form>", session_input_tag(session_id) + "</form>".html_safe)
   end
 
   private
 
-  def session_input_tag
-    key = ::Rails.application.config.session_options[:key]
-    tag(:input, :type => "hidden", :name => key, :value => request.session_options[:id])
+  # returns session id if present in url (or path) and removes it from the passed in parameter
+  def extract_session_id!(url)
+    url.gsub!(/#{::Rails.application.config.session_options[:key]}=([^&]+)&?/, '')
+    url.chomp!('?')
+    $1
+  end
+
+  def session_input_tag(session_id)
+    tag(:input, :type => "hidden", :name => ::Rails.application.config.session_options[:key], :value => session_id)
   end
 end

data/lib/galakei/session_id_parameter/in_url.rb

@@ -1,33 +1,27 @@
-class Galakei::SessionIdParameter::InUrl < Galakei::Filter::Base
-  def filter
-    key = ::Rails.application.config.session_options[:key]
-    if device_needs_session_param_in_url?
-      session_opts = env[ActionDispatch::Session::AbstractStore::ENV_SESSION_OPTIONS_KEY]
-      # if we don't have a session ID yet, create one
-      if session_opts[:id].blank?
-        # make sure to reset any active record session store,
-        # we'll have to create a new one for the new session
-        env[ActiveRecord::SessionStore::SESSION_RECORD_KEY] = nil
-        # create a new session ID
-        session_opts[:id] = ActiveSupport::SecureRandom.hex(8)
-      end
-      sid = session_opts[:id]
-      logger.debug("Galakei: adding session param '#{key}' to default_url_options")
-      default_url_options[key] = sid
-    else
-      # default_url_options aren't cleared, so we need to clear them
-      default_url_options.delete(key)
+module Galakei::SessionIdParameter::InUrl
+  def url_for(options = {})
+    return super unless inject_session_id_parameter?(options)
+    session_opts = request.env[ActionDispatch::Session::AbstractStore::ENV_SESSION_OPTIONS_KEY]
+    # if we don't have a session ID yet, create one
+    if session_opts[:id].blank?
+      # make sure to reset any active record session store,
+      # we'll have to create a new one for the new session
+      request.env[ActiveRecord::SessionStore::SESSION_RECORD_KEY] = nil
+      # create a new session ID
+      session_opts[:id] = ActiveSupport::SecureRandom.hex(8)
     end
+    super(options.merge(::Rails.application.config.session_options[:key] => session_opts[:id]))
   end
 
   private
 
-  def device_needs_session_param_in_url?
-    galakei? && !request.cookies? && session
-  end
+  def inject_session_id_parameter?(options)
+    return false unless options.is_a?(Hash)
+    return true if request.imode_browser_1_0?
 
-  def default_url_options
-    controller.send :default_url_options
+    # au and softbank have two forms of cookies depending on if it is
+    # http or https, so carry over session id when switching protocols
+    return false unless options[:protocol]
+    (request.au? || request.softbank?) && (request.protocol != options[:protocol])
   end
-
 end

data/lib/galakei/session_id_parameter/railtie.rb

@@ -4,8 +4,8 @@ module Galakei
       config.galakei.session_id_parameter = false
       initializer "galakei.session_id_parameter" do |app|
         if app.config.galakei.session_id_parameter
-          ActiveSupport.on_load :action_controller do
-            before_filter Galakei::SessionIdParameter::InUrl
+          Rails.application.routes.url_helpers.class_eval do
+            include Galakei::SessionIdParameter::InUrl
           end
           ActiveSupport.on_load :action_view do
             include Galakei::SessionIdParameter::InForm

data/lib/galakei/version.rb

@@ -1,3 +1,3 @@
 module Galakei
-  VERSION = "0.4.1"
+  VERSION = "0.5.0"
 end

data/spec/acceptance/app/fake.rb

@@ -18,5 +18,7 @@ app.config.active_support.deprecation = :log
 app.config.galakei.session_id_parameter = true
 app.initialize!
 
-app.routes.draw { match ':controller(/:action(/:id))' }
+app.routes.draw do
+  match ':controller(/:action(/:id))'
+end
 class ApplicationController < ActionController::Base; end

data/spec/acceptance/session_spec.rb

@@ -13,7 +13,7 @@ class SessionsController < ApplicationController
     session[:previous_page] = "in_get_form"
     @search = Search.new
     render :layout => true, :inline => <<-EOD
-      <%= form_for @search, :url => "/sessions", :html => { :method => :get } do |f| %>"
+      <%= form_for @search, :url => { :controller => :sessions }, :html => { :method => :get } do |f| %>"
         <%= f.text_field :query %>
         <%= f.submit "in_get_form" %>
       <% end %>
@@ -27,6 +27,18 @@ class SessionsController < ApplicationController
     EOD
   end
 
+  def secure_link
+    render :layout => true, :inline => <<-EOD
+      <%= link_to "secure_link", :action => :index, :protocol => "https://" %>
+    EOD
+  end
+
+  def insecure_link
+    render :layout => true, :inline => <<-EOD
+      <%= link_to "insecure_link", :action => :index, :protocol => "http://" %>
+    EOD
+  end
+
   def button_to_get
     session[:previous_page] = "button_to_get"
     render :layout => true, :inline => <<-EOD
@@ -51,7 +63,7 @@ end
 
 
 feature 'session' do
-  %w[in_get_form link button_to_post].each do |s|
+  %w[link button_to_post].each do |s|
     context s do
       scenario 'for au', :driver => :au do
         visit "/sessions/#{s}"
@@ -68,20 +80,56 @@ feature 'session' do
       end
     end
   end
-  context "button_to_get" do
-    scenario 'for au', :driver => :au do
-      visit "/sessions/button_to_get"
-      click_on "button_to_get"
-      page.should have_content("Session Data: button_to_get")
-      page.should have_content("Session Param: false")
+
+  %w[in_get_form button_to_get].each do |s|
+    context s do
+      scenario 'for au', :driver => :au do
+        visit "/sessions/#{s}"
+        click_on s
+        page.should have_content("Session Data: #{s}")
+        page.should have_content("Session Param: false")
+      end
+
+      scenario 'for docomo', :driver => :docomo do
+        visit "/sessions/#{s}"
+        page.find('form')["action"].should == "/sessions"
+        page.find('form input[name="_myapp_session"]')["value"].should_not be_blank
+        click_on s
+        page.should have_content("Session Data: #{s}")
+        page.should have_content("Session Param: true")
+      end
+    end
+  end
+
+  scenario 'link https to https for au', :driver => :au do
+    visit "https://www.example.com/sessions/link"
+    click_on 'link'
+    page.should have_content("Session Param: false")
+  end
+
+  %w[au softbank].each do |s|
+    scenario "link http to https for #{s}", :driver => s.to_sym do
+      visit "http://www.example.com/sessions/secure_link"
+      click_on 'secure_link'
+      page.should have_content("Session Param: true")
     end
 
-    scenario 'for docomo', :driver => :docomo do
-      visit "/sessions/button_to_get"
-      page.find('form input[name="_myapp_session"]')["value"].should_not be_blank
-      click_on "button_to_get"
-      page.should have_content("Session Data: button_to_get")
+    scenario "link https to http for #{s}", :driver => s.to_sym do
+      visit "https://www.example.com/sessions/insecure_link"
+      click_on 'insecure_link'
       page.should have_content("Session Param: true")
     end
   end
+
+  scenario 'link http to https for docomo_2_0', :driver => :docomo_2_0 do
+    visit "http://www.example.com/sessions/secure_link"
+    click_on 'secure_link'
+    page.should have_content("Session Param: false")
+  end
+
+  scenario 'link https to http for docomo_2_0', :driver => :docomo_2_0 do
+    visit "https://www.example.com/sessions/insecure_link"
+    click_on 'insecure_link'
+    page.should have_content("Session Param: false")
+  end
 end

data/spec/acceptance/support/capybara_ssl_fix.rb

@@ -0,0 +1,28 @@
+# This makes Capybara work with sites that switch between HTTP and HTTPS
+# See http://github.com/jnicklas/capybara/issues#issue/85
+
+module Capybara::Driver::RackTest::SslFix
+
+  [:get, :post, :put, :delete].each do |method|
+    define_method method do |*args|
+      args[0] = path_to_ssl_aware_url(args[0])
+      super(*args)
+    end
+  end
+
+  private
+
+  def path_to_ssl_aware_url(path)
+    unless path =~ /:\/\//
+      env = request.env
+      path = "#{env["rack.url_scheme"]}://#{env["SERVER_NAME"]}#{path}"
+    end
+    path
+  rescue Rack::Test::Error
+    # no request yet
+    path
+  end
+
+end
+
+Capybara::Driver::RackTest.send :include, Capybara::Driver::RackTest::SslFix

metadata

@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
   prerelease: false
   segments: 
   - 0
-  - 4
-  - 1
-  version: 0.4.1
+  - 5
+  - 0
+  version: 0.5.0
 platform: ruby
 authors: 
 - Paul McMahon
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-05 00:00:00 +09:00
+date: 2011-04-06 00:00:00 +09:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -109,6 +109,7 @@ files:
 - spec/acceptance/handset_detection_spec.rb
 - spec/acceptance/input_mode_spec.rb
 - spec/acceptance/session_spec.rb
+- spec/acceptance/support/capybara_ssl_fix.rb
 - spec/acceptance/support/handsets.rb
 - spec/acceptance/views_spec.rb
 - spec/galakei/docomo_css/stylesheet_spec.rb