rack-policy 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.md +7 -0
- data/README.md +22 -8
- data/examples/sinatra.ru +18 -0
- data/lib/rack/policy/cookie_limiter.rb +6 -1
- data/lib/rack/policy/version.rb +1 -1
- metadata +11 -10
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
0.3.0 (June 30, 2012)
|
|
2
|
+
|
|
3
|
+
* Add thread safety.
|
|
4
|
+
* Update documentation with usage examples for sinatra, rackup.
|
|
5
|
+
* Ensure information type requests don't have body.
|
|
6
|
+
* Add sinatra app to code examples.
|
|
7
|
+
|
|
1
8
|
0.2.0 (June 24, 2012)
|
|
2
9
|
|
|
3
10
|
* Fix bug when checking allowed cookie.
|
data/README.md
CHANGED
|
@@ -27,14 +27,14 @@ Or install it yourself as:
|
|
|
27
27
|
By default when the Rack application is loaded no cookies will be set(provided no session cookies already exist), and any existing session cookies will be destroyed. Throughout the request cycle cookies now won't be set until the user has given explicit consent. This can be controlled by setting consent token
|
|
28
28
|
|
|
29
29
|
```ruby
|
|
30
|
-
Rack::Policy::CookieLimiter consent_token: 'allow_me'
|
|
30
|
+
Rack::Policy::CookieLimiter, consent_token: 'allow_me'
|
|
31
31
|
```
|
|
32
32
|
|
|
33
33
|
The very same `consent_token` is used to toggle the limiter behaviour.
|
|
34
34
|
|
|
35
35
|
## Examples
|
|
36
36
|
|
|
37
|
-
Adding `Rack::Policy::CookieLimiter`
|
|
37
|
+
Adding `Rack::Policy::CookieLimiter` to Rack applications
|
|
38
38
|
|
|
39
39
|
### Rails 3.x
|
|
40
40
|
|
|
@@ -43,11 +43,11 @@ Adding `Rack::Policy::CookieLimiter` do Rack applications
|
|
|
43
43
|
require 'rack/policy'
|
|
44
44
|
|
|
45
45
|
class Application < Rails::Application
|
|
46
|
-
config.middleware.use Rack::Policy::CookieLimiter consent_token: 'rack.policy'
|
|
46
|
+
config.middleware.use Rack::Policy::CookieLimiter, consent_token: 'rack.policy'
|
|
47
47
|
end
|
|
48
48
|
```
|
|
49
49
|
|
|
50
|
-
And then in your
|
|
50
|
+
And then in your custom controller create actions responsible for setting and unsetting cookie policy
|
|
51
51
|
|
|
52
52
|
```ruby
|
|
53
53
|
class CookiePolicyController < ApplicationController
|
|
@@ -55,6 +55,7 @@ class CookiePolicyController < ApplicationController
|
|
|
55
55
|
def allow
|
|
56
56
|
response.set_cookie 'rack.policy', {
|
|
57
57
|
value: 'true',
|
|
58
|
+
path: '/',
|
|
58
59
|
expires: 1.year.from_now.utc
|
|
59
60
|
}
|
|
60
61
|
render nothing: true
|
|
@@ -73,7 +74,8 @@ end
|
|
|
73
74
|
# config/environment
|
|
74
75
|
|
|
75
76
|
Rails::Initializer.run do |config|
|
|
76
|
-
|
|
77
|
+
require 'rack/policy'
|
|
78
|
+
config.middleware.insert_before Rack::Lock, Rack::Policy::CookieLimiter, consent_token: 'rack.policy'
|
|
77
79
|
end
|
|
78
80
|
```
|
|
79
81
|
|
|
@@ -88,7 +90,9 @@ For classic style sinatra application do
|
|
|
88
90
|
require 'sinatra'
|
|
89
91
|
require 'rack/policy'
|
|
90
92
|
|
|
91
|
-
|
|
93
|
+
configure do
|
|
94
|
+
use Rack::Policy::CookieLimiter, consent_token: 'rack.policy'
|
|
95
|
+
end
|
|
92
96
|
|
|
93
97
|
get('/') { "Allow cookies to be set? <a href='/allow'>Allow</a>" }
|
|
94
98
|
|
|
@@ -97,9 +101,19 @@ get('/allow') { response.set_cookie 'rack.policy' }
|
|
|
97
101
|
get('/deny') { response.delete_cookie 'rack.policy' }
|
|
98
102
|
```
|
|
99
103
|
|
|
100
|
-
### Padrino
|
|
104
|
+
### Padrino
|
|
105
|
+
|
|
106
|
+
```ruby
|
|
107
|
+
#!/usr/bin/env ruby -rubygems
|
|
108
|
+
require 'padrino'
|
|
109
|
+
require 'rack/policy'
|
|
110
|
+
|
|
111
|
+
class MyApp < Padrino::Application
|
|
112
|
+
use Rack::Policy::CookieLimiter consent_token: 'rack.policy'
|
|
113
|
+
end
|
|
114
|
+
```
|
|
101
115
|
|
|
102
|
-
### Rackup
|
|
116
|
+
### Rackup
|
|
103
117
|
|
|
104
118
|
```ruby
|
|
105
119
|
#!/usr/bin/env rackup
|
data/examples/sinatra.ru
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
require 'sinatra'
|
|
2
|
+
require 'rack/policy'
|
|
3
|
+
|
|
4
|
+
configure do
|
|
5
|
+
use Rack::Policy::CookieLimiter
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
get '/' do
|
|
9
|
+
response.set_cookie 'foo', 'bar'
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
get '/allow' do
|
|
13
|
+
response.set_cookie 'rack.policy', :expires => Time.now + 360
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
get '/deny' do
|
|
17
|
+
response.delete_cookie 'rack.policy'
|
|
18
|
+
end
|
|
@@ -29,6 +29,10 @@ module Rack
|
|
|
29
29
|
end
|
|
30
30
|
|
|
31
31
|
def call(env)
|
|
32
|
+
dup.call!(env)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def call!(env)
|
|
32
36
|
self.status, self.headers, self.body = @app.call(env)
|
|
33
37
|
request = Rack::Request.new(env)
|
|
34
38
|
response = Rack::Response.new body, status, headers
|
|
@@ -50,7 +54,8 @@ module Rack
|
|
|
50
54
|
|
|
51
55
|
# Finish http response with proper headers
|
|
52
56
|
def finish(env)
|
|
53
|
-
if [204, 304].include?(status.to_i)
|
|
57
|
+
if [204, 304].include?(status.to_i) || (status.to_i / 100 == 1)
|
|
58
|
+
headers.delete "Content-Length"
|
|
54
59
|
headers.delete "Content-Type"
|
|
55
60
|
[status.to_i, headers, []]
|
|
56
61
|
elsif env['REQUEST_METHOD'] == 'HEAD'
|
data/lib/rack/policy/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-policy
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,11 +9,11 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-06-
|
|
12
|
+
date: 2012-06-30 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rack
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &2152543580 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ~>
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: '1.1'
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *2152543580
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: rack-test
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &2152543140 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
@@ -32,10 +32,10 @@ dependencies:
|
|
|
32
32
|
version: '0'
|
|
33
33
|
type: :development
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *2152543140
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: rspec
|
|
38
|
-
requirement: &
|
|
38
|
+
requirement: &2152542560 !ruby/object:Gem::Requirement
|
|
39
39
|
none: false
|
|
40
40
|
requirements:
|
|
41
41
|
- - ! '>='
|
|
@@ -43,10 +43,10 @@ dependencies:
|
|
|
43
43
|
version: '0'
|
|
44
44
|
type: :development
|
|
45
45
|
prerelease: false
|
|
46
|
-
version_requirements: *
|
|
46
|
+
version_requirements: *2152542560
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: rake
|
|
49
|
-
requirement: &
|
|
49
|
+
requirement: &2152541880 !ruby/object:Gem::Requirement
|
|
50
50
|
none: false
|
|
51
51
|
requirements:
|
|
52
52
|
- - ! '>='
|
|
@@ -54,7 +54,7 @@ dependencies:
|
|
|
54
54
|
version: '0'
|
|
55
55
|
type: :development
|
|
56
56
|
prerelease: false
|
|
57
|
-
version_requirements: *
|
|
57
|
+
version_requirements: *2152541880
|
|
58
58
|
description: This is Rack middleware that makes your app compliant with the 'EU ePrivacy
|
|
59
59
|
Directive'
|
|
60
60
|
email:
|
|
@@ -74,6 +74,7 @@ files:
|
|
|
74
74
|
- Rakefile
|
|
75
75
|
- examples/rails_3/Gemfile
|
|
76
76
|
- examples/rails_3/rails_3.ru
|
|
77
|
+
- examples/sinatra.ru
|
|
77
78
|
- lib/rack-policy.rb
|
|
78
79
|
- lib/rack/policy.rb
|
|
79
80
|
- lib/rack/policy/cookie_limiter.rb
|