RubyGems - rack-strip-cookies - Versions diffs - 1.0.2 → 2.0.0 - Mend

rack-strip-cookies 1.0.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/rack/strip-cookies/version.rb +1 -1
data/lib/rack/strip-cookies.rb +62 -20
metadata +6 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9a8503901e753161808979aa446f1d67ce2987564b7101c7e619c66f2d02e269
-  data.tar.gz: 88c6931d4820ea356ddcba724d39d82003978ce27c11dbd537a0db471bc7862f
+  metadata.gz: ee48b2cf41b5f790f375f381c8456ba1f5454dc7dc836cc613c15f8e5e9c6e1b
+  data.tar.gz: cfc890245c466bcde879ab81d82d9aad4a4fe4b7c0b8d4a5a7f8f88155872397
 SHA512:
-  metadata.gz: 31b18dad5488570f1088e84a2b1bca92cb7cc3c636b09b315d61ad4970f17e7b14d0a5a4e6f2fa96adb1e22233c0241e8980de30134d28debcfb24ca260fafcc
-  data.tar.gz: c91047409d70adb8da31b45bef6db13dc4b6066baa70b39dd59ba2a0294da82cca7c6fd025453dd29283c448e8dc0dcceb222d4ed166f1422ae24bded3bffe7b
+  metadata.gz: e7cb64501921d5e02144044e7d1f36bc2bc61f3954b3c4330aa0fd508dab1d7e2753a5746b669746e04e097c329d2f14c044a5d8fc381f7a72968cb9d3f53cd8
+  data.tar.gz: 34b7e75bfebfbf6211580eb9b591f2434383f839bd9cc9363d86affc01d6539e4b8c14790e527d7d6f3cf0dcc1665d31562c8830c7acaa3ccf6788f4ba2ebc25

data/lib/rack/strip-cookies/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Rack
   class StripCookies
-    VERSION = "1.0.2"
+    VERSION = "2.0.0"
   end
 end

data/lib/rack/strip-cookies.rb CHANGED Viewed

@@ -1,46 +1,88 @@
+# lib/rack/strip-cookies.rb
 module Rack
   class StripCookies
-    attr_reader :app, :paths, :invert
+    attr_reader :app, :patterns, :invert
     # Initializes the middleware.
     #
     # @param app [Rack application] The Rack application.
-    # @param paths [Array<String>] The paths where cookies should be deleted.
-    # @param invert [Boolean] Whether to invert the paths where cookies are deleted.
+    # @param options [Hash] The options to customize the middleware behavior.
+    # @option options [Array<String>] :paths The paths or patterns where cookies should be deleted.
+    #   - Exact paths: "/api"
+    #   - Wildcard paths: "/api/*"
+    # @option options [Boolean] :invert Whether to invert the paths where cookies are deleted.
     def initialize(app, options = {})
       @app = app
-      @paths = Array(options[:paths])
-      @invert = options[:invert] || false
+      @invert = options.fetch(:invert, false)
+      @patterns = compile_patterns(options[:paths] || [])
     end
     # Entry point of the middleware.
     #
+    # This method is called for each HTTP request that passes through the middleware.
+    # It determines whether to strip cookies from the request and response based on
+    # the configured paths/patterns and the invert flag.
+    #
     # @param env [Hash] The request environment.
     # @return [Array] The response containing the status, headers, and body.
     def call(env)
-      # Extract the path from the request
-      path = Rack::Request.new(env).path
+      # Extract the request path from the environment.
+      # 'PATH_INFO' contains the path portion of the URL, e.g., "/dashboard".
+      path = env["PATH_INFO"] || "/"
-      # Check if the request path is in the list of paths to be stripped
-      included = paths.any? { |s| path.include?(s) }
+      # Determine if the current path matches any of the compiled patterns.
+      # Each pattern is a regex that represents either an exact match or a wildcard match.
+      matched = patterns.any? { |regex| regex.match?(path) }
-      # Decide whether to strip cookies based on the request path and the invert flag
-      strip_out = ((included && !invert) || (!included && invert))
+      # Decide whether to strip cookies based on the matching result and the invert flag.
+      # If 'invert' is false:
+      #   - Cookies are stripped if the path matches any of the specified patterns.
+      # If 'invert' is true:
+      #   - Cookies are stripped if the path does NOT match any of the specified patterns.
+      strip_out = (matched && !invert) || (!matched && invert)
-      # If cookies are to be stripped, delete the HTTP_COOKIE from the request environment
-      env.delete("HTTP_COOKIE".freeze) if strip_out
+      if strip_out
+        # Remove the 'HTTP_COOKIE' header from the request environment.
+        # This prevents any cookies from being sent to the application.
+        env.delete("HTTP_COOKIE")
-      # Call the next middleware/app and get the status, headers, and body of the response
-      status, headers, body = @app.call(env)
+        # Call the next middleware or application in the stack with the modified environment.
+        # This returns the HTTP status, headers, and body of the response.
+        status, headers, body = @app.call(env)
-      # If cookies are to be stripped, delete the Set-Cookie header from the response
-      headers.delete("set-cookie".freeze) if strip_out
+        # Remove the 'Set-Cookie' header from the response headers.
+        headers.delete("set-cookie")
-      # If cookies were stripped, insert a custom header indicating that fact
-      headers["cookies-stripped".freeze] = "true" if strip_out
+        # Add a custom header 'Cookies-Stripped' to indicate that cookies were stripped.
+        headers["cookies-stripped"] = "true"
+      else
+        # If cookies are not to be stripped, simply call the next middleware or application.
+        # The original request and response headers remain untouched.
+        status, headers, body = @app.call(env)
+      end
-      # Return the response (status, headers, body) to the next middleware or the web server
+      # Return the final response to the client.
+      # The response is an array containing the status code, headers hash, and body array.
       [status, headers, body]
     end
+    private
+    # Compiles the user-specified paths/patterns into regular expressions.
+    #
+    # @param paths [Array<String>] The paths or patterns to compile.
+    # @return [Array<Regexp>] The array of compiled regular expressions.
+    def compile_patterns(paths)
+      paths.map do |path|
+        if path.end_with?("/*")
+          # Wildcard pattern: "/api/*" -> matches "/api/" and "/api/anything"
+          prefix = Regexp.escape(path.chomp("/*"))
+          Regexp.new("^#{prefix}/.*$")
+        else
+          # Exact match pattern: "/api" -> matches only "/api"
+          Regexp.new("^#{Regexp.escape(path)}$")
+        end
+      end
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-strip-cookies
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 2.0.0
 platform: ruby
 authors:
 - Claudio Poli
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-22 00:00:00.000000000 Z
+date: 2024-09-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -94,7 +94,7 @@ homepage: http://github.com/icoretech/rack-strip-cookies
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -109,8 +109,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.10
-signing_key:
+rubygems_version: 3.5.16
+signing_key:
 specification_version: 4
 summary: Rack middleware to remove cookies at user-defined paths.
 test_files: []