macmillan-utils 1.0.32 → 1.0.33
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 082720f53c08e7a389f791d4859adf4ff408ee1d
|
|
4
|
+
data.tar.gz: 686bbcdebb11405d314be7fc2eaceca800070539
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 72fe89d06f184fb910a157b96330231438767a830b91c702741d7751f65a82ed7baa3e3b80b1eade25c42e671d50b80211ccbd4280d498a8e308596bb42e1d5b
|
|
7
|
+
data.tar.gz: 893e33789d9f0b892ce93d0dc9c7333f595374d1b2143c1affb4708dfc920064224f51c3aea2f3ab07f7d2076b87aa416b8fd8ee3fb197798a1720dfd95f0bb0
|
data/.rubocop.yml
CHANGED
|
@@ -2,6 +2,11 @@ Metrics/LineLength:
|
|
|
2
2
|
Description: 'Limit lines to 120 characters.'
|
|
3
3
|
Max: 120
|
|
4
4
|
|
|
5
|
+
Metrics/BlockLength:
|
|
6
|
+
ExcludedMethods:
|
|
7
|
+
- describe
|
|
8
|
+
- context
|
|
9
|
+
|
|
5
10
|
Style/Documentation:
|
|
6
11
|
Enabled: false
|
|
7
12
|
|
|
@@ -26,6 +31,25 @@ Style/AlignParameters:
|
|
|
26
31
|
Style/StringLiterals:
|
|
27
32
|
EnforcedStyle: single_quotes
|
|
28
33
|
|
|
34
|
+
Style/FrozenStringLiteralComment:
|
|
35
|
+
Enabled: false
|
|
36
|
+
|
|
37
|
+
Style/PercentLiteralDelimiters:
|
|
38
|
+
PreferredDelimiters:
|
|
39
|
+
'%': ()
|
|
40
|
+
'%i': ()
|
|
41
|
+
'%I': ()
|
|
42
|
+
'%q': ()
|
|
43
|
+
'%Q': ()
|
|
44
|
+
'%r': '{}'
|
|
45
|
+
'%s': ()
|
|
46
|
+
'%w': '[]'
|
|
47
|
+
'%W': '[]'
|
|
48
|
+
'%x': ()
|
|
49
|
+
|
|
50
|
+
Style/RegexpLiteral:
|
|
51
|
+
AllowInnerSlashes: true
|
|
52
|
+
|
|
29
53
|
Style/CollectionMethods:
|
|
30
54
|
PreferredMethods:
|
|
31
55
|
collect: 'map'
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
require 'rack/request'
|
|
2
|
+
require 'rack/response'
|
|
3
|
+
require 'uri'
|
|
4
|
+
|
|
5
|
+
module Macmillan
|
|
6
|
+
module Utils
|
|
7
|
+
module Middleware
|
|
8
|
+
class CookieMessage
|
|
9
|
+
YEAR = 31_536_000
|
|
10
|
+
COOKIE = 'euCookieNotice'.freeze
|
|
11
|
+
|
|
12
|
+
def initialize(app)
|
|
13
|
+
@app = app
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def call(env)
|
|
17
|
+
request = Rack::Request.new(env)
|
|
18
|
+
|
|
19
|
+
if cookies_accepted?(request)
|
|
20
|
+
redirect_back(request)
|
|
21
|
+
else
|
|
22
|
+
@app.call(env)
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
private
|
|
27
|
+
|
|
28
|
+
def cookies_accepted?(request)
|
|
29
|
+
request.post? &&
|
|
30
|
+
request.cookies[COOKIE] != 'accepted' &&
|
|
31
|
+
request.params['cookies'] == 'accepted'
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def redirect_back(request)
|
|
35
|
+
response = Rack::Response.new
|
|
36
|
+
location = build_location(request)
|
|
37
|
+
|
|
38
|
+
response.redirect(location)
|
|
39
|
+
response.set_cookie(COOKIE, cookie_options(request))
|
|
40
|
+
|
|
41
|
+
response.to_a
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def cookie_options(request)
|
|
45
|
+
{
|
|
46
|
+
value: 'accepted',
|
|
47
|
+
domain: request.host_with_port,
|
|
48
|
+
path: '/',
|
|
49
|
+
expires: Time.now.getutc + YEAR
|
|
50
|
+
}
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def build_location(request)
|
|
54
|
+
begin
|
|
55
|
+
uri = URI.parse(request.referrer.to_s)
|
|
56
|
+
rescue URI::InvalidURIError
|
|
57
|
+
uri = URI.parse(request.url)
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
# Check that the redirect is an internal one for security reasons:
|
|
61
|
+
# https://webmasters.googleblog.com/2009/01/open-redirect-urls-is-your-site-being.html
|
|
62
|
+
internal_redirect?(request, uri) ? uri.to_s : request.url
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def internal_redirect?(request, uri)
|
|
66
|
+
request.host == uri.host && request.port == uri.port
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
end
|
|
71
|
+
end
|
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
module Macmillan
|
|
2
2
|
module Utils
|
|
3
3
|
module Middleware
|
|
4
|
-
autoload :
|
|
5
|
-
autoload :
|
|
4
|
+
autoload :CookieMessage, 'macmillan/utils/middleware/cookie_message'
|
|
5
|
+
autoload :WeakEtags, 'macmillan/utils/middleware/weak_etags'
|
|
6
|
+
autoload :Uuid, 'macmillan/utils/middleware/uuid'
|
|
6
7
|
end
|
|
7
8
|
end
|
|
8
9
|
end
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
RSpec.describe Macmillan::Utils::Middleware::CookieMessage do
|
|
4
|
+
let(:app) { ->(_) { [200, {}, %w[body]] } }
|
|
5
|
+
let(:env) { env_for(url, request_headers) }
|
|
6
|
+
let(:request_headers) { default_headers.merge(extra_headers) }
|
|
7
|
+
let(:default_headers) { { 'REQUEST_METHOD' => request_method } }
|
|
8
|
+
let(:extra_headers) { {} }
|
|
9
|
+
|
|
10
|
+
subject { described_class.new(app) }
|
|
11
|
+
|
|
12
|
+
let(:response) { subject.call(env) }
|
|
13
|
+
let(:status) { response[0] }
|
|
14
|
+
let(:headers) { response[1] }
|
|
15
|
+
let(:body) { response[2] }
|
|
16
|
+
let(:cookie) { headers['Set-Cookie'] }
|
|
17
|
+
let(:location) { headers['Location'] }
|
|
18
|
+
|
|
19
|
+
context 'when request params contains cookies=accepted' do
|
|
20
|
+
let(:url) { 'http://www.nature.com/?cookies=accepted' }
|
|
21
|
+
|
|
22
|
+
context 'and the request method is GET' do
|
|
23
|
+
let(:request_method) { 'GET' }
|
|
24
|
+
|
|
25
|
+
it 'calls the app' do
|
|
26
|
+
expect(app).to receive(:call).with(env).and_call_original
|
|
27
|
+
expect(response).to eq([200, {}, %w[body]])
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
context 'and the request method is POST' do
|
|
32
|
+
let(:request_method) { 'POST' }
|
|
33
|
+
|
|
34
|
+
context 'and the euNoticeCookie is not set' do
|
|
35
|
+
before do
|
|
36
|
+
allow(Time).to receive(:now).and_return(Time.utc(2017, 1, 31))
|
|
37
|
+
expect(app).not_to receive(:call)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
it 'redirects' do
|
|
41
|
+
expect(status).to eq(302)
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
it 'sets the cookie' do
|
|
45
|
+
expect(cookie).to match(/euCookieNotice=accepted;/)
|
|
46
|
+
expect(cookie).to match(/domain=www\.nature\.com:80;/)
|
|
47
|
+
expect(cookie).to match(/path=\/;/)
|
|
48
|
+
expect(cookie).to match(/expires=Wed, 31 Jan 2018 00:00:00 -0000/)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
it 'redirects back to the original url' do
|
|
52
|
+
expect(location).to eq('http://www.nature.com/?cookies=accepted')
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
context 'and the referrer is set' do
|
|
56
|
+
let(:extra_headers) { { 'HTTP_REFERER' => 'http://www.nature.com/articles/ncomms7169' } }
|
|
57
|
+
|
|
58
|
+
it 'redirects back to the referrer' do
|
|
59
|
+
expect(location).to eq('http://www.nature.com/articles/ncomms7169')
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
context 'and the euNoticeCookie is set' do
|
|
65
|
+
let(:extra_headers) { { 'HTTP_COOKIE' => 'euCookieNotice=accepted' } }
|
|
66
|
+
|
|
67
|
+
it 'calls the app' do
|
|
68
|
+
expect(app).to receive(:call).with(env).and_call_original
|
|
69
|
+
expect(response).to eq([200, {}, %w[body]])
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
context 'when request params does not cookies=accepted' do
|
|
76
|
+
let(:url) { 'http://www.nature.com/' }
|
|
77
|
+
|
|
78
|
+
context 'and the request method is GET' do
|
|
79
|
+
let(:request_method) { 'GET' }
|
|
80
|
+
|
|
81
|
+
it 'calls the app' do
|
|
82
|
+
expect(app).to receive(:call).with(env).and_call_original
|
|
83
|
+
expect(response).to eq([200, {}, %w[body]])
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
context 'and the request method is POST' do
|
|
88
|
+
let(:request_method) { 'POST' }
|
|
89
|
+
|
|
90
|
+
it 'calls the app' do
|
|
91
|
+
expect(app).to receive(:call).with(env).and_call_original
|
|
92
|
+
expect(response).to eq([200, {}, %w[body]])
|
|
93
|
+
end
|
|
94
|
+
end
|
|
95
|
+
end
|
|
96
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: macmillan-utils
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.33
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Springer Nature
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-01-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -232,6 +232,7 @@ files:
|
|
|
232
232
|
- lib/macmillan/utils/logger/factory.rb
|
|
233
233
|
- lib/macmillan/utils/logger/formatter.rb
|
|
234
234
|
- lib/macmillan/utils/middleware.rb
|
|
235
|
+
- lib/macmillan/utils/middleware/cookie_message.rb
|
|
235
236
|
- lib/macmillan/utils/middleware/uuid.rb
|
|
236
237
|
- lib/macmillan/utils/middleware/weak_etags.rb
|
|
237
238
|
- lib/macmillan/utils/rails/statsd_instrumentation.rb
|
|
@@ -257,6 +258,7 @@ files:
|
|
|
257
258
|
- spec/lib/macmillan/utils/helper/string_conversion_helper_spec.rb
|
|
258
259
|
- spec/lib/macmillan/utils/logger/factory_spec.rb
|
|
259
260
|
- spec/lib/macmillan/utils/logger/formatter_spec.rb
|
|
261
|
+
- spec/lib/macmillan/utils/middleware/cookie_message_spec.rb
|
|
260
262
|
- spec/lib/macmillan/utils/middleware/uuid_spec.rb
|
|
261
263
|
- spec/lib/macmillan/utils/middleware/weak_etags_spec.rb
|
|
262
264
|
- spec/lib/macmillan/utils/settings/lookup_spec.rb
|
|
@@ -295,6 +297,7 @@ test_files:
|
|
|
295
297
|
- spec/lib/macmillan/utils/helper/string_conversion_helper_spec.rb
|
|
296
298
|
- spec/lib/macmillan/utils/logger/factory_spec.rb
|
|
297
299
|
- spec/lib/macmillan/utils/logger/formatter_spec.rb
|
|
300
|
+
- spec/lib/macmillan/utils/middleware/cookie_message_spec.rb
|
|
298
301
|
- spec/lib/macmillan/utils/middleware/uuid_spec.rb
|
|
299
302
|
- spec/lib/macmillan/utils/middleware/weak_etags_spec.rb
|
|
300
303
|
- spec/lib/macmillan/utils/settings/lookup_spec.rb
|