rack-strip-cookies 0.0.4 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 7eafe50366d6e4108cceffe2e11c6b252ffef7f9
4
- data.tar.gz: a5191640fd78fe70345bf3ee699173cfe352e87b
2
+ SHA256:
3
+ metadata.gz: 66e97e6cf416eb10f05682f5ccf531f2c95f651e832ceee8ae8387609223afeb
4
+ data.tar.gz: e9991ec7c0baf84509ddf9ba82eff43c2ae8ff538c1744f0ffb19ca13a7c6318
5
5
  SHA512:
6
- metadata.gz: 89592d00d384bb07e1f460085a4c9913dc41957a238c052b154cbd554a8872240397fba0be1b81682532c7e233c7197e78ad34b8a9156d027a528ba4ec72873e
7
- data.tar.gz: 771c40ff4e8d62fbef97ac7d89899b9116879851d127de1f65d53e75e1b2af443868f0025c89a130f0d8534d7bf55f395b577c89d60aa4bc334c0d544a1b7770
6
+ metadata.gz: 50a26b18e48cfcc3ae7da149461b85bc94ca490a11014ceb7bbe94f8bb97f1269f217d559a218ca6a194ddab7f87487a77528e8e2084009e2695534e801da6d1
7
+ data.tar.gz: 7c61e87dd4e6c9fabd721419b8d74f34b28690c45c55b81069809eebf4a6432971a725cdf0e5ca1e7e3c05526b51b1a6b0c6d67dbb56ee3da53103692505164d
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  class StripCookies
3
- VERSION = '0.0.4'
3
+ VERSION = "1.0.0"
4
4
  end
5
5
  end
@@ -1,20 +1,45 @@
1
1
  module Rack
2
2
  class StripCookies
3
- attr_reader :paths
3
+ attr_reader :app, :paths, :invert
4
4
 
5
+ # Initializes the middleware.
6
+ #
7
+ # @param app [Rack application] The Rack application.
8
+ # @param paths [Array<String>] The paths where cookies should be deleted.
9
+ # @param invert [Boolean] Whether to invert the paths where cookies are deleted.
5
10
  def initialize(app, options = {})
6
- @app, @paths = app, Array(options[:paths])
11
+ @app = app
12
+ @paths = Array(options[:paths])
13
+ @invert = options[:invert] || false
7
14
  end
8
15
 
16
+ # Entry point of the middleware.
17
+ #
18
+ # @param env [Hash] The request environment.
19
+ # @return [Array] The response containing the status, headers, and body.
9
20
  def call(env)
10
- path = Rack::Request.new(env).path
11
- included = paths.any? { |s| path.include?(s)}
21
+ # Extract the path from the request
22
+ path = Rack::Request.new(env).path
12
23
 
13
- env.delete('HTTP_COOKIE') if included
24
+ # Check if the request path is in the list of paths to be stripped
25
+ included = paths.any? { |s| path.include?(s) }
14
26
 
27
+ # Decide whether to strip cookies based on the request path and the invert flag
28
+ strip_out = ((included && !invert) || (!included && invert))
29
+
30
+ # If cookies are to be stripped, delete the HTTP_COOKIE from the request environment
31
+ env.delete("HTTP_COOKIE".freeze) if strip_out
32
+
33
+ # Call the next middleware/app and get the status, headers, and body of the response
15
34
  status, headers, body = @app.call(env)
16
- headers.delete('Set-Cookie') if included
17
35
 
36
+ # If cookies are to be stripped, delete the Set-Cookie header from the response
37
+ headers.delete("set-cookie".freeze) if strip_out
38
+
39
+ # If cookies were stripped, insert a custom header indicating that fact
40
+ headers["cookies-stripped".freeze] = "true" if strip_out
41
+
42
+ # Return the response (status, headers, body) to the next middleware or the web server
18
43
  [status, headers, body]
19
44
  end
20
45
  end
@@ -1 +1 @@
1
- require 'rack/strip-cookies'
1
+ require "rack/strip-cookies"
metadata CHANGED
@@ -1,57 +1,85 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-strip-cookies
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.4
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Claudio Poli
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-12-02 00:00:00.000000000 Z
11
+ date: 2023-05-22 00:00:00.000000000 Z
12
12
  dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rack
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '3.0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '3.0'
13
27
  - !ruby/object:Gem::Dependency
14
28
  name: bundler
15
29
  requirement: !ruby/object:Gem::Requirement
16
30
  requirements:
17
- - - "~>"
31
+ - - ">="
18
32
  - !ruby/object:Gem::Version
19
- version: '1.0'
33
+ version: '2.2'
20
34
  type: :development
21
35
  prerelease: false
22
36
  version_requirements: !ruby/object:Gem::Requirement
23
37
  requirements:
24
- - - "~>"
38
+ - - ">="
25
39
  - !ruby/object:Gem::Version
26
- version: '1.0'
40
+ version: '2.2'
27
41
  - !ruby/object:Gem::Dependency
28
- name: rack
42
+ name: rack-test
29
43
  requirement: !ruby/object:Gem::Requirement
30
44
  requirements:
31
- - - "~>"
45
+ - - ">="
32
46
  - !ruby/object:Gem::Version
33
- version: '1.2'
47
+ version: 2.1.0
34
48
  type: :development
35
49
  prerelease: false
36
50
  version_requirements: !ruby/object:Gem::Requirement
37
51
  requirements:
38
- - - "~>"
52
+ - - ">="
39
53
  - !ruby/object:Gem::Version
40
- version: '1.2'
54
+ version: 2.1.0
41
55
  - !ruby/object:Gem::Dependency
42
- name: rack-test
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: 13.0.6
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: 13.0.6
69
+ - !ruby/object:Gem::Dependency
70
+ name: minitest
43
71
  requirement: !ruby/object:Gem::Requirement
44
72
  requirements:
45
- - - "~>"
73
+ - - ">="
46
74
  - !ruby/object:Gem::Version
47
- version: 0.6.2
75
+ version: 5.18.0
48
76
  type: :development
49
77
  prerelease: false
50
78
  version_requirements: !ruby/object:Gem::Requirement
51
79
  requirements:
52
- - - "~>"
80
+ - - ">="
53
81
  - !ruby/object:Gem::Version
54
- version: 0.6.2
82
+ version: 5.18.0
55
83
  description: Rack middleware to remove cookies at user-defined paths.
56
84
  email:
57
85
  - claudio@icorete.ch
@@ -59,24 +87,14 @@ executables: []
59
87
  extensions: []
60
88
  extra_rdoc_files: []
61
89
  files:
62
- - ".gitignore"
63
- - ".rspec"
64
- - ".ruby-version"
65
- - ".travis.yml"
66
- - Gemfile
67
- - LICENSE.txt
68
- - README.md
69
- - Rakefile
70
90
  - lib/rack-strip-cookies.rb
71
91
  - lib/rack/strip-cookies.rb
72
92
  - lib/rack/strip-cookies/version.rb
73
- - rack-strip-cookies.gemspec
74
- - spec/rack-strip-cookies_spec.rb
75
93
  homepage: http://github.com/icoretech/rack-strip-cookies
76
94
  licenses:
77
95
  - MIT
78
96
  metadata: {}
79
- post_install_message:
97
+ post_install_message:
80
98
  rdoc_options: []
81
99
  require_paths:
82
100
  - lib
@@ -91,10 +109,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
91
109
  - !ruby/object:Gem::Version
92
110
  version: '0'
93
111
  requirements: []
94
- rubyforge_project:
95
- rubygems_version: 2.4.3
96
- signing_key:
112
+ rubygems_version: 3.4.6
113
+ signing_key:
97
114
  specification_version: 4
98
115
  summary: Rack middleware to remove cookies at user-defined paths.
99
- test_files:
100
- - spec/rack-strip-cookies_spec.rb
116
+ test_files: []
data/.gitignore DELETED
@@ -1,17 +0,0 @@
1
- *.gem
2
- *.rbc
3
- .bundle
4
- .config
5
- .yardoc
6
- Gemfile.lock
7
- InstalledFiles
8
- _yardoc
9
- coverage
10
- doc/
11
- lib/bundler/man
12
- pkg
13
- rdoc
14
- spec/reports
15
- test/tmp
16
- test/version_tmp
17
- tmp
data/.rspec DELETED
@@ -1,2 +0,0 @@
1
- --color
2
- --format progress
data/.ruby-version DELETED
@@ -1 +0,0 @@
1
- ruby-2.1.5
data/.travis.yml DELETED
@@ -1,13 +0,0 @@
1
- language: ruby
2
- rvm:
3
- - 1.9.2
4
- - 1.9.3
5
- - 2.1
6
- notifications:
7
- email: false
8
- env:
9
- - "rack=1.2.8"
10
- - "rack=1.3.10"
11
- - "rack=1.4.5"
12
- - "rack=1.5.2"
13
- - "rack=master"
data/Gemfile DELETED
@@ -1,22 +0,0 @@
1
- source 'https://rubygems.org'
2
-
3
- gemspec
4
-
5
- gem 'rake'
6
-
7
- github = 'git://github.com/%s.git'
8
- repos = { 'rack' => github % 'rack/rack' }
9
-
10
- %w(rack).each do |lib|
11
- dep = case ENV[lib]
12
- when 'stable', nil then nil
13
- when /(\d+\.)+\d+/ then '~> ' + ENV[lib].sub("#{lib}-", '')
14
- else { git: repos[lib], branch: dep }
15
- end
16
- gem lib, dep
17
- end
18
-
19
- group :test do
20
- gem 'rack-test'
21
- gem 'coveralls', require: false
22
- end
data/LICENSE.txt DELETED
@@ -1,22 +0,0 @@
1
- Copyright (c) 2013 Claudio Poli
2
-
3
- MIT License
4
-
5
- Permission is hereby granted, free of charge, to any person obtaining
6
- a copy of this software and associated documentation files (the
7
- "Software"), to deal in the Software without restriction, including
8
- without limitation the rights to use, copy, modify, merge, publish,
9
- distribute, sublicense, and/or sell copies of the Software, and to
10
- permit persons to whom the Software is furnished to do so, subject to
11
- the following conditions:
12
-
13
- The above copyright notice and this permission notice shall be
14
- included in all copies or substantial portions of the Software.
15
-
16
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
- MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
- NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
- LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
- OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
- WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md DELETED
@@ -1,47 +0,0 @@
1
- # Rack::StripCookies [![Build Status](https://secure.travis-ci.org/icoretech/rack-strip-cookies.png)](https://travis-ci.org/icoretech/rack-strip-cookies?branch=master)
2
-
3
- Simple Rack middleware to remove cookies at specified paths.
4
-
5
- ## Installation
6
-
7
- Add this line to your application's Gemfile:
8
-
9
- gem 'rack-strip-cookies'
10
-
11
- And then execute:
12
-
13
- $ bundle
14
-
15
- Or install it yourself as:
16
-
17
- $ gem install rack-strip-cookies
18
-
19
- ## Concept
20
-
21
- The goal of this gem is not only avoid serving a cookie to a client through the Set-Cookie header, but also to erase cookies sent in the request. In other words the client-sent cookies will not make it to your application layer, provided the middleware is loaded in the correct place in the stack.
22
-
23
- ## Use cases
24
-
25
- - You have a buggy third party library that raises exception when cookies are sent in a request, such as an authentication engine.
26
- - You are looking for a cheap way to not mess with session cookie disabilitation in your framework.
27
- - Selectively shut down cookies on specific paths, configurable when adding the middleware.
28
-
29
- ## Ruby on Rails
30
-
31
- To make the middleware available in all environments, open `config/application.rb` and add in `class Application < Rails::Application`:
32
-
33
- ```ruby
34
- config.middleware.insert_before(ActionDispatch::Cookies, Rack::StripCookies, paths: %w(/oauth2/token))
35
- ```
36
-
37
- If you want to customize the environment in which the middleware is enabled edit the respective environment files instead.
38
-
39
- You can verify the middleware positioning by typing `rake middleware` in the root of your application.
40
-
41
- ## Contributing
42
-
43
- 1. Fork it
44
- 2. Create your feature branch (`git checkout -b my-new-feature`)
45
- 3. Commit your changes (`git commit -am 'Add some feature'`)
46
- 4. Push to the branch (`git push origin my-new-feature`)
47
- 5. Create new Pull Request
data/Rakefile DELETED
@@ -1,10 +0,0 @@
1
- require "bundler/gem_tasks"
2
-
3
- require "rake/testtask"
4
- Rake::TestTask.new do |t|
5
- t.libs.push "lib"
6
- t.test_files = FileList['spec/*_spec.rb']
7
- t.verbose = true
8
- end
9
-
10
- task :default => :test
@@ -1,24 +0,0 @@
1
- # coding: utf-8
2
- lib = File.expand_path('../lib', __FILE__)
3
- $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
- require 'rack/strip-cookies/version'
5
-
6
- Gem::Specification.new do |spec|
7
- spec.name = 'rack-strip-cookies'
8
- spec.version = Rack::StripCookies::VERSION
9
- spec.authors = ['Claudio Poli']
10
- spec.email = ['claudio@icorete.ch']
11
- spec.summary = 'Rack middleware to remove cookies at user-defined paths.'
12
- spec.description = 'Rack middleware to remove cookies at user-defined paths.'
13
- spec.homepage = 'http://github.com/icoretech/rack-strip-cookies'
14
- spec.license = 'MIT'
15
-
16
- spec.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
17
- spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
- spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
- spec.require_paths = ['lib']
20
-
21
- spec.add_development_dependency 'bundler', '~> 1.0'
22
- spec.add_development_dependency 'rack', '~> 1.2'
23
- spec.add_development_dependency 'rack-test', '~> 0.6.2'
24
- end
@@ -1,47 +0,0 @@
1
- require 'rubygems'
2
- require 'minitest/spec'
3
- require 'minitest/autorun'
4
- require 'rack/mock'
5
- require 'rack/test'
6
- require 'coveralls'
7
-
8
- require_relative '../lib/rack/strip-cookies'
9
-
10
- Coveralls.wear!
11
-
12
- describe Rack::StripCookies do
13
- include Rack::Test::Methods
14
-
15
- def app; Rack::Lint.new(@app); end
16
-
17
- def mock_app(options_or_options_array = {})
18
- main_app = lambda { |env|
19
- request = Rack::Request.new(env)
20
- headers = {'Content-Type' => "text/html"}
21
- headers['Set-Cookie'] = "id=1; path=/oauth/token; secure; HttpOnly"
22
- [200, headers, ['Hello there']]
23
- }
24
-
25
- builder = Rack::Builder.new
26
- options_or_options_array = [options_or_options_array] unless options_or_options_array.is_a?(Array)
27
- Array(options_or_options_array).each do |options|
28
- builder.use Rack::StripCookies, options
29
- end
30
- builder.run main_app
31
- @app = builder.to_app
32
- end
33
-
34
- before do
35
- mock_app(paths: ["/oauth/token"])
36
- end
37
-
38
- it 'does not clean the cookie on another path' do
39
- get 'http://www.example.org/oauth'
40
- last_response.headers['Set-Cookie'].split("\n").must_equal(["id=1; path=/oauth/token; secure; HttpOnly"])
41
- end
42
-
43
- it 'clean the cookie' do
44
- get 'http://www.example.org/oauth/token'
45
- last_response.headers['Set-Cookie'].must_equal(nil)
46
- end
47
- end