RubyGems - macmillan-utils - Versions diffs - 1.0.37 → 1.0.38 - Mend

macmillan-utils 1.0.37 → 1.0.38

Files changed (3) hide show

checksums.yaml +4 -4
data/lib/macmillan/utils/middleware/cookie_message.rb +12 -6
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 182d2d0bb630acae2ae30f20790d50cae2faca04
-  data.tar.gz: 160bd16626cf37def232a5854825fb83e226ab97
+  metadata.gz: efd65c066b1290468c8b0a29bc2e4c1bf3a579de
+  data.tar.gz: 0dec24f8ee60517ab43acca34fa5f2b00bafb671
 SHA512:
-  metadata.gz: e8d300ec617b865faa81b673dd5919b06c2519ef17736a0b9d2dedaeca8071e35037525bf608e87ec49a30f042cb8a4f6dd4ba2d24599d04490a93920683ccbf
-  data.tar.gz: decfab1462fad72ac385f0e35083030f5414d471244a2908702cf132b8fc47cf03128f399609cf4d5486432d4f13ac84a426db4f0b67f1b4871bd6ef8bcd7134
+  metadata.gz: d9dff2f8d7e9344c98d22688be63a2c646e3e05312c9cd6a563f488f1fc4b09284aabf11c668807e696c9e0182b2ed67503d614885309dff3f019ee8c0c41ef3
+  data.tar.gz: b74774439c576d01acca98f031a8a8dc1255f734cf3aeb687fcf26716291584d61b286b36ac4d32a8adc61b34c9a6c76cd1f6b787445d6dd608b6e5df5e33f62

data/lib/macmillan/utils/middleware/cookie_message.rb CHANGED Viewed

@@ -28,19 +28,19 @@ module Macmillan
         def cookies_accepted?(request)
           debug_log("request.post? IS #{request.post?.inspect}")
-          debug_log("request.cookies[#{COOKIE}] IS #{request.cookies[COOKIE]}")
-          debug_log("request.params['cookies'] IS #{request.params['cookies']}")
+          debug_log("request.cookies[#{COOKIE}] IS #{request.cookies[COOKIE].inspect}")
+          debug_log("request.params['cookies'] IS #{request.params['cookies'].inspect}")
           unless request.post?
-            debug_log("request.post? (#{request.post?.inspect}) means pass-thru")
+            debug_log("request.post? (#{request.post?.inspect}) means passthru")
             return false
           end
           unless request.cookies[COOKIE] != 'accepted'
-            debug_log("request.cookies[#{COOKIE}] (#{request.cookies[COOKIE]}) means passthru")
+            debug_log("request.cookies['#{COOKIE}'] (#{request.cookies[COOKIE].inspect}) means passthru")
             return false
           end
           unless request.params['cookies'] == 'accepted'
-            debug_log("request.params['cookies'] (#{request.params['cookies']}) means passthru")
+            debug_log("request.params['cookies'] (#{request.params['cookies'].inspect}) means passthru")
             return false
           end
           debug_log('About to set the acceptance cookie and redirect')
@@ -48,7 +48,7 @@ module Macmillan
         end
         def debug_log(msg)
-          logger.info("[Macmillan::Utils::Middleware::CookieMessage] #{msg}")
+          logger.info("[Macmillan::Utils::Middleware::CookieMessage] #{msg}\n")
         end
         def logger
@@ -78,17 +78,23 @@ module Macmillan
         def build_location(request)
           begin
+            debug_log("Attempting to determine redirect by parsing referrer #{request.referrer}")
             uri = URI.parse(request.referrer.to_s)
           rescue URI::InvalidURIError
+            debug_log("No that failed, attempting to determine redirect by parsing request.url #{request.url}")
             uri = URI.parse(request.url)
           end
           # Check that the redirect is an internal one for security reasons:
           # https://webmasters.googleblog.com/2009/01/open-redirect-urls-is-your-site-being.html
+          unless internal_redirect?(request, uri)
+            debug_log("Not internal redirect - so changing to #{request.url} instead of the above")
+          end
           internal_redirect?(request, uri) ? uri.to_s : request.url
         end
         def internal_redirect?(request, uri)
+          debug_log("Is redirect to #{uri.host}:#{uri.port} internal WRT #{request.host}:#{request.port}")
           request.host == uri.host && request.port == uri.port
         end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: macmillan-utils
 version: !ruby/object:Gem::Version
-  version: 1.0.37
+  version: 1.0.38
 platform: ruby
 authors:
 - Springer Nature
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-02-17 00:00:00.000000000 Z
+date: 2017-02-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler