panda_pal 2.0.2 → 2.0.3
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 894962973c1c791c1cc756014123e94abb43e471
|
|
4
|
+
data.tar.gz: a6ce46be2f4676c03d38c23e65579376a0094750
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 12542132e7b4ad67657805aded0c7ae44933af03baf23d7b9318156e08985e3ee8823e4e5739ab127914adfd603cc03f58e73698ebcad6baa52a4476fb5afb5a
|
|
7
|
+
data.tar.gz: 82030c6a2c4c1b82871ac2dd74334462528d6215742ed84e17aa67f5fd0a71ae881ae4f49c1f1e4b5682892aa9cfecee2f7ed3ee3b4410406164f22ef49e3221
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'browser'
|
|
2
|
+
|
|
1
3
|
module PandaPal::Helpers::ControllerHelper
|
|
2
4
|
def save_session
|
|
3
5
|
current_session.try(:save)
|
|
@@ -41,8 +43,29 @@ module PandaPal::Helpers::ControllerHelper
|
|
|
41
43
|
end
|
|
42
44
|
end
|
|
43
45
|
|
|
46
|
+
# Browsers that prevent 3rd party cookies by default (Safari and IE) run into problems
|
|
47
|
+
# with CSRF handling because the Rails session cookie isn't set. To fix this, we
|
|
48
|
+
# redirect the current page to the LTI using JavaScript, which will set the cookie,
|
|
49
|
+
# and then immediately redirect back to Canvas.
|
|
50
|
+
def fix_iframe_cookies
|
|
51
|
+
if params[:safari_cookie_fix].present?
|
|
52
|
+
session[:safari_cookie_fixed] = true
|
|
53
|
+
redirect_to params[:return_to]
|
|
54
|
+
else
|
|
55
|
+
render 'panda_pal/lti/iframe_cookie_fix', layout: false
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def cookies_need_iframe_fix?
|
|
60
|
+
(browser.safari? || browser.ie?) && !request.referrer.include?('sessionless_launch') && !session[:safari_cookie_fixed]
|
|
61
|
+
end
|
|
62
|
+
|
|
44
63
|
def forbid_access_if_lacking_session
|
|
45
|
-
|
|
64
|
+
if cookies_need_iframe_fix?
|
|
65
|
+
fix_iframe_cookies
|
|
66
|
+
else
|
|
67
|
+
render plain: 'You should do an LTI Tool Launch.', status: :unauthorized unless valid_session?
|
|
68
|
+
end
|
|
46
69
|
end
|
|
47
70
|
|
|
48
71
|
def valid_session?
|
data/lib/panda_pal/version.rb
CHANGED
data/panda_pal.gemspec
CHANGED
|
@@ -19,6 +19,7 @@ Gem::Specification.new do |s|
|
|
|
19
19
|
s.add_dependency "pg", '~> 0.20'
|
|
20
20
|
s.add_dependency 'apartment', '~> 1.2.0'
|
|
21
21
|
s.add_dependency 'ims-lti', '~> 2.1.0'
|
|
22
|
+
s.add_dependency 'browser', '2.5.0'
|
|
22
23
|
|
|
23
24
|
s.add_development_dependency 'rspec-rails'
|
|
24
25
|
s.add_development_dependency 'factory_girl_rails'
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: panda_pal
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Young
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2017-
|
|
12
|
+
date: 2017-08-18 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|
|
@@ -67,6 +67,20 @@ dependencies:
|
|
|
67
67
|
- - "~>"
|
|
68
68
|
- !ruby/object:Gem::Version
|
|
69
69
|
version: 2.1.0
|
|
70
|
+
- !ruby/object:Gem::Dependency
|
|
71
|
+
name: browser
|
|
72
|
+
requirement: !ruby/object:Gem::Requirement
|
|
73
|
+
requirements:
|
|
74
|
+
- - '='
|
|
75
|
+
- !ruby/object:Gem::Version
|
|
76
|
+
version: 2.5.0
|
|
77
|
+
type: :runtime
|
|
78
|
+
prerelease: false
|
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
80
|
+
requirements:
|
|
81
|
+
- - '='
|
|
82
|
+
- !ruby/object:Gem::Version
|
|
83
|
+
version: 2.5.0
|
|
70
84
|
- !ruby/object:Gem::Dependency
|
|
71
85
|
name: rspec-rails
|
|
72
86
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -129,6 +143,7 @@ files:
|
|
|
129
143
|
- app/models/panda_pal/organization.rb
|
|
130
144
|
- app/models/panda_pal/session.rb
|
|
131
145
|
- app/views/layouts/panda_pal/application.html.erb
|
|
146
|
+
- app/views/panda_pal/lti/iframe_cookie_fix.html.erb
|
|
132
147
|
- app/views/panda_pal/lti/launch.html.erb
|
|
133
148
|
- config/initializers/apartment.rb
|
|
134
149
|
- config/routes.rb
|
|
@@ -209,7 +224,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
209
224
|
version: '0'
|
|
210
225
|
requirements: []
|
|
211
226
|
rubyforge_project:
|
|
212
|
-
rubygems_version: 2.
|
|
227
|
+
rubygems_version: 2.5.2
|
|
213
228
|
signing_key:
|
|
214
229
|
specification_version: 4
|
|
215
230
|
summary: LTI mountable engine
|
|
@@ -258,4 +273,3 @@ test_files:
|
|
|
258
273
|
- spec/models/panda_pal/session_spec.rb
|
|
259
274
|
- spec/rails_helper.rb
|
|
260
275
|
- spec/spec_helper.rb
|
|
261
|
-
has_rdoc:
|