iodine 0.1.11 → 0.1.12


Potentially problematic release.


This version of iodine might be problematic. Click here for more details.

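--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 250a126cc91b5d00df756b4c30131c309d07b14d
- data.tar.gz: a8942a8c016c08efcff06269a3fb00daedf66380
+ metadata.gz: 0cae62f19555de3237661fc0f47461290f31a47d
+ data.tar.gz: d4ee6c036d77d5ccc9cc243d2e5407609d39cc16
  SHA512:
- metadata.gz: 8f3831ce442b7bf7bfb8f2abe1b3c9595f277f434ebb669cf11b6e204ca1c420fefddd7f6d53a1916d149a9ed589503359321750d6556d4626eb98d5d79ce0c0
- data.tar.gz: da4e06d3f70e5bc3811ddb75e0b21df1ac6dacd1aa654432593b853ba49ddce9276568f09beafb10a948b7ede257d991a0d27f1b462b33869f3424a524f235a2
+ metadata.gz: 8ae4692ca663399664b005c9fd8983d151ca14a6ba543455e497d0884eabe760b0719c1bf520ad129584260ca3229f202afe3b80b16ede4c9055077415f77e02
+ data.tar.gz: 311d1785ec2ff505173d2eb2e34daafd997bcdd038710223d2f69b4348363df587dd4d3ebcedeca8c9fe65f93f86b8efcbbf19796fc4604b77b80c445cdf57cb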
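--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -8,6 +8,14 @@ Please notice that this change log contains changes for upcoming releases as wel
 
  ***
 
+ Change log v.0.1.12
+
+ **Update**: Passing a hash as the cookie value will allow to set cookie parameters using the {Response#set_cookie} options. i.e.: `cookies['key']= {value: "lock", max_age: 20}`.
+
+ **Security**: set the HttpOnly flag for session id cookies.
+
+ ***
+
  Change log v.0.1.11
 
  **Fix**: fixed the Rack server Handler, which was broken in version 0.1.10.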
@@ -28,7 +28,7 @@ module Iodine
28
28
  elsif self.has_key?( key.to_s.to_sym)
29
29
  key = key.to_s.to_sym
30
30
  end
31
- @response.set_cookie key, (val.nil? ? nil : val.to_s.dup)
31
+ @response.set_cookie key, (val.nil? ? nil : val)
32
32
  super
33
33
  end
34
34
  # overrides th [] method to allow Symbols and Strings to mix and match
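Review bot: With the `to_s.dup` coercion removed, the object the caller assigns goes unchanged to `set_cookie` and then to `super`, so assigning an options Hash leaves the Hash itself in the cookie jar and a later read of the same key in this request returns the Hash instead of the cookie's string value. The `set_cookie` hunk on this page additionally takes that Hash over as `params` and deletes `:value` from it, so the stored object no longer even carries the value. Extracting the string before the call keeps reads consistent: `stored = val.is_a?(Hash) && val.has_key?(:value) ? val[:value] : val` ahead of `set_cookie`, then `super(key, stored)`. The expression `(val.nil? ? nil : val)` is now equivalent to plain `val`. The method begins above this hunk, so its parameter list is inferred from the visible lines.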
@@ -126,7 +126,7 @@ module Iodine
126
126
  def session
127
127
  return @session if @session
128
128
  id = request.cookies[::Iodine::Http.session_token.to_sym] || SecureRandom.uuid
129
- set_cookie ::Iodine::Http.session_token, id, expires: (Time.now+86_400), secure: @request.ssl?
129
+ set_cookie ::Iodine::Http.session_token, id, expires: (Time.now+86_400), secure: @request.ssl?, http_only: true
130
130
  @request[:session] = @session = ::Iodine::Http::SessionManager.get(id)
131
131
  end
132
132
 
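Review bot: The `id` on the context line above the changed call is taken from the request cookie whenever one is present, so a value chosen by the client is re-issued as the session cookie and handed to `SessionManager.get`; `http_only: true` stops page scripts from reading the cookie but does not address that. If `SessionManager.get` creates a session for an id it never issued (its body is not on this page), this permits session fixation; the method should fall back to `SecureRandom.uuid` unless the manager already knows the id, and the id should be rotated at login. Separately, `secure: @request.ssl?` leaves the Secure flag off whenever TLS is terminated in front of the server and the request arrives as plain HTTP, which deserves a comment or a configuration override. A comment such as `# HttpOnly: the session id must never be readable from page scripts` would record why the flag is set.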
@@ -199,6 +199,10 @@ module Iodine
199
199
  #
200
200
  def set_cookie name, value, params = {}
201
201
  raise 'Cannot set cookies after the headers had been sent.' if headers_sent?
202
+ if value.is_a?(Hash) && value.has_key?(:value) && params.empty?
203
+ params = value
204
+ value = params.delete :value
205
+ end
202
206
  name = name.to_s
203
207
  raise 'Illegal cookie name' if name =~ COOKIE_NAME_REGEXP
204
208
  if value.nil?
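Review bot: `params = value` aliases the caller's Hash, so the `params.delete :value` on the next line and the later `params[:path] ||=` and `params[:expires] ||=` writes modify the object the caller passed in; a caller that reuses one options Hash for several cookies loses `:value` after the first call. Copying first avoids this: `params = value.dup`. The branch is also skipped when `params` is non-empty or the key is the String `'value'`, and the Hash then reaches `encode_url` further down, whose handling of a non-String is not shown; raising for a Hash value at that point, as is already done for an illegal name, would be clearer than emitting whatever string form results. `set_cookie` continues past both hunks shown for it, so the handling of `:http_only` is not visible on this page.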
@@ -208,7 +212,7 @@ module Iodine
208
212
  params[:expires] ||= (Time.now + 315360000) unless params[:max_age]
209
213
  end
210
214
  params[:path] ||= '/'.freeze
211
- value = Iodine::Http::Request.encode_url(value)
215
+ value = Iodine::Http::Request.encode_url(value) # this dups the string
212
216
  if params[:max_age]
213
217
  value << ('; Max-Age=%s' % params[:max_age])
214
218
  else
@@ -81,6 +81,11 @@ module Iodine
81
81
  @data.clear
82
82
  nil
83
83
  end
84
+
85
+ # Forced the session's data to be reloaded
86
+ def refresh
87
+ load
88
+ end
84
89
  protected
85
90
  # def destroy
86
91
  # # save data to tmp-file
@@ -1,3 +1,3 @@
1
1
  module Iodine
2
- VERSION = "0.1.11"
2
+ VERSION = "0.1.12"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: iodine
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.11
4
+ version: 0.1.12
5
5
  platform: ruby
6
6
  authors:
7
7
  - Boaz Segev
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2015-11-07 00:00:00.000000000 Z
11
+ date: 2015-11-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler