rack-cleancookies 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/rack.rb +1 -0
- data/lib/rack/cleancookies.rb +58 -0
- metadata +94 -0
data/lib/rack.rb
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
require 'rack/cleancookies'
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
# Rack middleware that drops non properly encoded cookies that would hurt the ActionDispatch::Cookies middleware.
|
|
2
|
+
#
|
|
3
|
+
# This is actually a hotfix for issues
|
|
4
|
+
# * https://github.com/rack/rack/issues/225
|
|
5
|
+
# * https://github.com/rails/rails/issues/2622
|
|
6
|
+
module Rack
|
|
7
|
+
module CleanCookies
|
|
8
|
+
# Tests whether a string may be decoded as a form component
|
|
9
|
+
def decodable?(string)
|
|
10
|
+
URI.decode_www_form_component(string)
|
|
11
|
+
true
|
|
12
|
+
rescue ArgumentError => e
|
|
13
|
+
/^invalid %-encoding \(.*\)$/.match(e.message) ? false : raise
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
module_function :decodable?
|
|
17
|
+
|
|
18
|
+
# Tests whether a cookie is clean, that is its key and value may be decoded as a form components
|
|
19
|
+
def clean?(cookie)
|
|
20
|
+
key, value = cookie.split('=', 2)
|
|
21
|
+
decodable?(key) && decodable?(value)
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
module_function :clean?
|
|
25
|
+
|
|
26
|
+
class Middleware
|
|
27
|
+
def initialize(app)
|
|
28
|
+
@app = app
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def call(env)
|
|
32
|
+
if env['HTTP_COOKIE']
|
|
33
|
+
clean_cookies, dirty_cookies = [], []
|
|
34
|
+
|
|
35
|
+
# Split cookies into clean and dirty
|
|
36
|
+
env['HTTP_COOKIE'].split(/[;,] */n).each do |cookie|
|
|
37
|
+
if CleanCookies::clean?(cookie)
|
|
38
|
+
clean_cookies << cookie
|
|
39
|
+
else
|
|
40
|
+
dirty_cookies << cookie
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
# Keep only clean cookies
|
|
45
|
+
env['HTTP_COOKIE'] = clean_cookies.join('; ')
|
|
46
|
+
|
|
47
|
+
# Inform about dropped dirty cookies
|
|
48
|
+
unless dirty_cookies.empty?
|
|
49
|
+
env['rack.errors'].puts "Ignoring dirty cookies: #{dirty_cookies.inspect}"
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
# Carry on
|
|
54
|
+
@app.call(env)
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: rack-cleancookies
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
prerelease:
|
|
6
|
+
platform: ruby
|
|
7
|
+
authors:
|
|
8
|
+
- Moreno Carullo
|
|
9
|
+
autorequire:
|
|
10
|
+
bindir: bin
|
|
11
|
+
cert_chain: []
|
|
12
|
+
date: 2012-07-23 00:00:00.000000000 Z
|
|
13
|
+
dependencies:
|
|
14
|
+
- !ruby/object:Gem::Dependency
|
|
15
|
+
name: rake
|
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
|
17
|
+
none: false
|
|
18
|
+
requirements:
|
|
19
|
+
- - ! '>='
|
|
20
|
+
- !ruby/object:Gem::Version
|
|
21
|
+
version: '0'
|
|
22
|
+
type: :runtime
|
|
23
|
+
prerelease: false
|
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
25
|
+
none: false
|
|
26
|
+
requirements:
|
|
27
|
+
- - ! '>='
|
|
28
|
+
- !ruby/object:Gem::Version
|
|
29
|
+
version: '0'
|
|
30
|
+
- !ruby/object:Gem::Dependency
|
|
31
|
+
name: rack
|
|
32
|
+
requirement: !ruby/object:Gem::Requirement
|
|
33
|
+
none: false
|
|
34
|
+
requirements:
|
|
35
|
+
- - ! '>='
|
|
36
|
+
- !ruby/object:Gem::Version
|
|
37
|
+
version: '0'
|
|
38
|
+
type: :runtime
|
|
39
|
+
prerelease: false
|
|
40
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
41
|
+
none: false
|
|
42
|
+
requirements:
|
|
43
|
+
- - ! '>='
|
|
44
|
+
- !ruby/object:Gem::Version
|
|
45
|
+
version: '0'
|
|
46
|
+
- !ruby/object:Gem::Dependency
|
|
47
|
+
name: test-unit
|
|
48
|
+
requirement: !ruby/object:Gem::Requirement
|
|
49
|
+
none: false
|
|
50
|
+
requirements:
|
|
51
|
+
- - ! '>='
|
|
52
|
+
- !ruby/object:Gem::Version
|
|
53
|
+
version: '0'
|
|
54
|
+
type: :development
|
|
55
|
+
prerelease: false
|
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
57
|
+
none: false
|
|
58
|
+
requirements:
|
|
59
|
+
- - ! '>='
|
|
60
|
+
- !ruby/object:Gem::Version
|
|
61
|
+
version: '0'
|
|
62
|
+
description:
|
|
63
|
+
email:
|
|
64
|
+
executables: []
|
|
65
|
+
extensions: []
|
|
66
|
+
extra_rdoc_files: []
|
|
67
|
+
files:
|
|
68
|
+
- lib/rack.rb
|
|
69
|
+
- lib/rack/cleancookies.rb
|
|
70
|
+
homepage: https://github.com/morenocarullo/rack-cleancookies
|
|
71
|
+
licenses: []
|
|
72
|
+
post_install_message:
|
|
73
|
+
rdoc_options: []
|
|
74
|
+
require_paths:
|
|
75
|
+
- lib
|
|
76
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
77
|
+
none: false
|
|
78
|
+
requirements:
|
|
79
|
+
- - ! '>='
|
|
80
|
+
- !ruby/object:Gem::Version
|
|
81
|
+
version: '0'
|
|
82
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
83
|
+
none: false
|
|
84
|
+
requirements:
|
|
85
|
+
- - ! '>='
|
|
86
|
+
- !ruby/object:Gem::Version
|
|
87
|
+
version: '0'
|
|
88
|
+
requirements: []
|
|
89
|
+
rubyforge_project:
|
|
90
|
+
rubygems_version: 1.8.24
|
|
91
|
+
signing_key:
|
|
92
|
+
specification_version: 3
|
|
93
|
+
summary: Clean dirty cookies from Rack environment
|
|
94
|
+
test_files: []
|