RubyGems - panda_pal - Versions diffs - 4.0.7 → 4.0.8 - Mend

panda_pal 4.0.7 → 4.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/panda_pal/engine.rb +3 -3
data/lib/panda_pal/helpers/controller_helper.rb +6 -1
data/lib/panda_pal/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 191c2d9f7cf6b18d5ed8cbce6fe4e0df6500932aaf9d03be4acfc1988799849b
-  data.tar.gz: aa49c20146e96c20b7a4662840a1bc10e5e5582643316e0b4cfec504dbe78c5b
+  metadata.gz: 2c8be1c60f64e5a088e47e7fba1bb685e1fd943004e10120b3a833770e3b170e
+  data.tar.gz: 9aff936fd9000ac253fc5a950b79b60c1eb707638377fc9084fc4912553bf256
 SHA512:
-  metadata.gz: 60d1ce4ff05cec9b339f1ff9dfaa2c49e56381011a3fa51fb5fddde69c3e7717fe4d2d3ab5535f04940f0ba5fc116a8befa8235add607715acbda3ca659e192e
-  data.tar.gz: e0f27943ef2516c3fef1902428b2cb015050c8211316d13d568cbd8e65598c4f311ee916548bc44300417626fa09e7d1eb81ddda411eef4be87cd5a395116b49
+  metadata.gz: d44beafb64fe37bcd37119206c6f70d68ae1eb3f7252c4368489139ec4106a1fb406742527b5859fd3369b992492416d017cfdcbd28f6b954a6163a478343d00
+  data.tar.gz: 5bfd610e35ff4c9db5265db09943467ef3ae7b9bd9ea3565befe5e7701ef01cd139adae61347ee9f9e107373432541c3be2b201b672cff186fc6b0091b792230

data/lib/panda_pal/engine.rb CHANGED Viewed

@@ -59,7 +59,7 @@ module PandaPal
       SecureHeaders::Configuration.default do |config|
         # The default cookie headers aren't compatable with PandaPal cookies currenntly
-        config.cookies = SecureHeaders::OPT_OUT
+        config.cookies = { samesite: { none: true } }
         # Need to allow LTI iframes
         config.x_frame_options = "ALLOWALL"
@@ -78,8 +78,8 @@ module PandaPal
         }
       end
-      SecureHeaders::Configuration.override(:non_safari_override) do |config|
-        config.cookies = { samesite: { none: true } }
+      SecureHeaders::Configuration.override(:safari_override) do |config|
+        config.cookies = SecureHeaders::OPT_OUT
       end
     end
   end

data/lib/panda_pal/helpers/controller_helper.rb CHANGED Viewed

@@ -26,7 +26,7 @@ module PandaPal::Helpers::ControllerHelper
   def validate_launch!
     authorized = false
-    use_secure_headers_override(:non_safari_override) if !browser.safari? && !session.loaded?
+    safari_override
     if @organization = params['oauth_consumer_key'] && PandaPal::Organization.find_by_key(params['oauth_consumer_key'])
       sanitized_params = request.request_parameters
       # These params come over with a safari-workaround launch.  The authenticator doesn't like them, so clean them out.
@@ -88,6 +88,7 @@ module PandaPal::Helpers::ControllerHelper
     else
       render plain: 'You should do an LTI Tool Launch.', status: :unauthorized unless valid_session?
     end
+    safari_override
   end
   def valid_session?
@@ -99,6 +100,10 @@ module PandaPal::Helpers::ControllerHelper
     ].all?
   end
+  def safari_override
+    use_secure_headers_override(:safari_override) if browser.safari?
+  end
   private
   def organization_key
     params[:oauth_consumer_key] || session[:organization_key]

data/lib/panda_pal/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module PandaPal
-  VERSION = "4.0.7"
+  VERSION = "4.0.8"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: panda_pal
 version: !ruby/object:Gem::Version
-  version: 4.0.7
+  version: 4.0.8
 platform: ruby
 authors:
 - Instructure ProServe
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-01-23 00:00:00.000000000 Z
+date: 2020-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails