rails_same_site_cookie 0.1.8 → 0.1.9

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 618cf5109f133dcb39a5d87e17f20efe177cad03
4
- data.tar.gz: 5a4f0cc5a8db31861d286304071168b09ed4a307
2
+ SHA256:
3
+ metadata.gz: de603a08185ff1e1df7e28ca0229d6a1f64474336788d233af3a0d647d028868
4
+ data.tar.gz: f01fc02d4261a916c3b2776fa9bafee35a37d5d00c64592d8ecba0aba4a7def2
5
5
  SHA512:
6
- metadata.gz: 8aa434cfd9495919993399d8644546c9c978794331cc6a32d4f429d8498949aab74d240d0b56f683a0a1e0d1929a22346170e389556d814a865bfb5b352cce6a
7
- data.tar.gz: 7bb3208e5804dd672a429e62297f55ac3da376b0200d6d5cac93eca77aa0c88e9374cf11336e3307c24ea7d1d36735d3172b03352f95a282bff244d1c9c0f98d
6
+ metadata.gz: 516d7d5d61abe352bcd927663aec93d85ea0ceffcf254b1816e64168fd627431398dd9a505f7bb4457d53ce093201260039079ef4c69c13739b18a575dbfe357
7
+ data.tar.gz: 5aa26a4289c6fb3ece3b9438c8e4977dca23fa2cfc9eb4d91ba63a01ac44b969152f77f2de93f7c49864fda29fd9178d55b99172a76bc13479391d39bec51586
data/README.md CHANGED
@@ -8,6 +8,9 @@ This new behavior shouldn't be a problem for most apps but if your Rails app pro
8
8
 
9
9
  This gem fixes the above problems by explicity setting SameSite=None for all cookies where the SameSite directive is missing and the requesting user agent is not in Chrome's [provided list of known incompatible clients](https://www.chromium.org/updates/same-site/incompatible-clients).
10
10
 
11
+ ### Note about incompatibility with Safari and the future of third-party cookies
12
+ Newer versions of Safari [block third party cookies by defaul](https://webkit.org/blog/10218/full-third-party-cookie-blocking-and-more/) regardless of whether the SameSite flag is set. By design there is no workaround for this without the user manually going in and overriding the default settings to allow cross-site tracking. Chrome also plans to [completely phase out third party cookies in 2022](https://blog.chromium.org/2020/01/building-more-private-web-path-towards.html) at which point this gem will be useless.
13
+
11
14
  ### Note about HTTP requests and local testing
12
15
  Note that for Chrome/Chromium based browsers the gem only sets the SameSite flag on cookies sent over HTTPS. So if you're testing on your local machine and you haven't setup your localhost to use SSL you will see warnings in versions of Chrome less than 80 about the missing SameSite flag, and in Chrome 80+ these cookies will be ignored entirely. To work around this in Chrome 80+ without setting up SSL you can disable the following Chrome flags: chrome://flags/ -> `SameSite by default cookies` and `Cookies without SameSite must be secure`.
13
16
 
@@ -1,3 +1,3 @@
1
1
  module RailsSameSiteCookie
2
- VERSION = "0.1.8"
2
+ VERSION = "0.1.9"
3
3
  end
@@ -29,5 +29,5 @@ Gem::Specification.new do |spec|
29
29
  spec.add_development_dependency "rspec", "~> 3.0"
30
30
 
31
31
  spec.add_dependency "rack", ">= 1.5"
32
- spec.add_dependency "user_agent_parser", "~> 2.5"
32
+ spec.add_dependency "user_agent_parser", "~> 2.6"
33
33
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails_same_site_cookie
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.8
4
+ version: 0.1.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - Philip Schinis
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-03-21 00:00:00.000000000 Z
11
+ date: 2021-09-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -72,14 +72,14 @@ dependencies:
72
72
  requirements:
73
73
  - - "~>"
74
74
  - !ruby/object:Gem::Version
75
- version: '2.5'
75
+ version: '2.6'
76
76
  type: :runtime
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
80
  - - "~>"
81
81
  - !ruby/object:Gem::Version
82
- version: '2.5'
82
+ version: '2.6'
83
83
  description:
84
84
  email:
85
85
  - p.schinis@gmail.com
@@ -125,8 +125,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
125
125
  - !ruby/object:Gem::Version
126
126
  version: '0'
127
127
  requirements: []
128
- rubyforge_project:
129
- rubygems_version: 2.5.1
128
+ rubygems_version: 3.1.2
130
129
  signing_key:
131
130
  specification_version: 4
132
131
  summary: This gem allows you to set the SameSite=None cookie directive without breaking