panda_pal 2.0.2 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 894962973c1c791c1cc756014123e94abb43e471
|
|
4
|
+
data.tar.gz: a6ce46be2f4676c03d38c23e65579376a0094750
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 12542132e7b4ad67657805aded0c7ae44933af03baf23d7b9318156e08985e3ee8823e4e5739ab127914adfd603cc03f58e73698ebcad6baa52a4476fb5afb5a
|
|
7
|
+
data.tar.gz: 82030c6a2c4c1b82871ac2dd74334462528d6215742ed84e17aa67f5fd0a71ae881ae4f49c1f1e4b5682892aa9cfecee2f7ed3ee3b4410406164f22ef49e3221
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'browser'
|
|
2
|
+
|
|
1
3
|
module PandaPal::Helpers::ControllerHelper
|
|
2
4
|
def save_session
|
|
3
5
|
current_session.try(:save)
|
|
@@ -41,8 +43,29 @@ module PandaPal::Helpers::ControllerHelper
|
|
|
41
43
|
end
|
|
42
44
|
end
|
|
43
45
|
|
|
46
|
+
# Browsers that prevent 3rd party cookies by default (Safari and IE) run into problems
|
|
47
|
+
# with CSRF handling because the Rails session cookie isn't set. To fix this, we
|
|
48
|
+
# redirect the current page to the LTI using JavaScript, which will set the cookie,
|
|
49
|
+
# and then immediately redirect back to Canvas.
|
|
50
|
+
def fix_iframe_cookies
|
|
51
|
+
if params[:safari_cookie_fix].present?
|
|
52
|
+
session[:safari_cookie_fixed] = true
|
|
53
|
+
redirect_to params[:return_to]
|
|
54
|
+
else
|
|
55
|
+
render 'panda_pal/lti/iframe_cookie_fix', layout: false
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def cookies_need_iframe_fix?
|
|
60
|
+
(browser.safari? || browser.ie?) && !request.referrer.include?('sessionless_launch') && !session[:safari_cookie_fixed]
|
|
61
|
+
end
|
|
62
|
+
|
|
44
63
|
def forbid_access_if_lacking_session
|
|
45
|
-
|
|
64
|
+
if cookies_need_iframe_fix?
|
|
65
|
+
fix_iframe_cookies
|
|
66
|
+
else
|
|
67
|
+
render plain: 'You should do an LTI Tool Launch.', status: :unauthorized unless valid_session?
|
|
68
|
+
end
|
|
46
69
|
end
|
|
47
70
|
|
|
48
71
|
def valid_session?
|
data/lib/panda_pal/version.rb
CHANGED
data/panda_pal.gemspec
CHANGED
|
@@ -19,6 +19,7 @@ Gem::Specification.new do |s|
|
|
|
19
19
|
s.add_dependency "pg", '~> 0.20'
|
|
20
20
|
s.add_dependency 'apartment', '~> 1.2.0'
|
|
21
21
|
s.add_dependency 'ims-lti', '~> 2.1.0'
|
|
22
|
+
s.add_dependency 'browser', '2.5.0'
|
|
22
23
|
|
|
23
24
|
s.add_development_dependency 'rspec-rails'
|
|
24
25
|
s.add_development_dependency 'factory_girl_rails'
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: panda_pal
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Young
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2017-
|
|
12
|
+
date: 2017-08-18 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|
|
@@ -67,6 +67,20 @@ dependencies:
|
|
|
67
67
|
- - "~>"
|
|
68
68
|
- !ruby/object:Gem::Version
|
|
69
69
|
version: 2.1.0
|
|
70
|
+
- !ruby/object:Gem::Dependency
|
|
71
|
+
name: browser
|
|
72
|
+
requirement: !ruby/object:Gem::Requirement
|
|
73
|
+
requirements:
|
|
74
|
+
- - '='
|
|
75
|
+
- !ruby/object:Gem::Version
|
|
76
|
+
version: 2.5.0
|
|
77
|
+
type: :runtime
|
|
78
|
+
prerelease: false
|
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
80
|
+
requirements:
|
|
81
|
+
- - '='
|
|
82
|
+
- !ruby/object:Gem::Version
|
|
83
|
+
version: 2.5.0
|
|
70
84
|
- !ruby/object:Gem::Dependency
|
|
71
85
|
name: rspec-rails
|
|
72
86
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -129,6 +143,7 @@ files:
|
|
|
129
143
|
- app/models/panda_pal/organization.rb
|
|
130
144
|
- app/models/panda_pal/session.rb
|
|
131
145
|
- app/views/layouts/panda_pal/application.html.erb
|
|
146
|
+
- app/views/panda_pal/lti/iframe_cookie_fix.html.erb
|
|
132
147
|
- app/views/panda_pal/lti/launch.html.erb
|
|
133
148
|
- config/initializers/apartment.rb
|
|
134
149
|
- config/routes.rb
|
|
@@ -209,7 +224,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
209
224
|
version: '0'
|
|
210
225
|
requirements: []
|
|
211
226
|
rubyforge_project:
|
|
212
|
-
rubygems_version: 2.
|
|
227
|
+
rubygems_version: 2.5.2
|
|
213
228
|
signing_key:
|
|
214
229
|
specification_version: 4
|
|
215
230
|
summary: LTI mountable engine
|
|
@@ -258,4 +273,3 @@ test_files:
|
|
|
258
273
|
- spec/models/panda_pal/session_spec.rb
|
|
259
274
|
- spec/rails_helper.rb
|
|
260
275
|
- spec/spec_helper.rb
|
|
261
|
-
has_rdoc:
|