shopify_app 12.0.2 → 12.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dd21d52fbb932f0fef8522975adfb22431ff103d7fa14e4591e0eb24bafeeaec
4
- data.tar.gz: da650fd1de45574447c28dca6803adf49063e0c879a0eab7d71b2823d3d1f15c
3
+ metadata.gz: 5dcd45c8f2586d1be89322c54d902eb7f9d91d28969725d7ba10e332d3165e29
4
+ data.tar.gz: ac7e290930adff81933a9dac3a2b212a0b2d579018cca043ed01f9c54dd78b35
5
5
  SHA512:
6
- metadata.gz: 04f13911597abebbc3e32bc72ac42f9cfe01e2370515935bac076ce9517a44767af1f6185260cbeaae6a5eb2f76f48eb19ff9f013d41504d144ba8b23fb7ca6a
7
- data.tar.gz: 3474caf61956e3bd8c3b4ae37fb326403493e3391805b85f3962aa753e080b0dfc3c3f82173991b099b804784123d5bf6d108e99ab4f1795c16f4f4cdd1ba862
6
+ metadata.gz: 47e1984dd4168715a3b0698f41cfe76fa989121be1f915dde626bd18e769a535431e78694b1e7b5eaac86324e0bfef89e47289fcbf0d1ab8927c1ed5ead6fb66
7
+ data.tar.gz: 3226cfe6d9001f37b2349f039dfe5a860693ef2bf84d2ca4386c7b0c6024d13ac4a998abfbf4ad331cd190f187b95fe7f3069365d08fcc1466627ed528050c66
@@ -1,3 +1,8 @@
1
+ 12.0.3
2
+ ------
3
+ * Moves samesite middleware higher in the stack #898
4
+ * Fix issue where not redirecting user to granted storage page casues infinite loop #900
5
+
1
6
  12.0.2
2
7
  ------
3
8
  * Reverts "Fix for return_to in safari after enable_cookies/granted_storage_access" introduced in 12.0.1
@@ -14,7 +14,7 @@ module ShopifyApp
14
14
  end
15
15
 
16
16
  initializer "shopify_app.middleware" do |app|
17
- app.config.middleware.insert_before(ActionDispatch::Cookies, ShopifyApp::SameSiteCookieMiddleware)
17
+ app.config.middleware.insert_after(::Rack::Runtime, ShopifyApp::SameSiteCookieMiddleware)
18
18
  end
19
19
  end
20
20
  end
@@ -1,25 +1,32 @@
1
1
  module ShopifyApp
2
2
  class SameSiteCookieMiddleware
3
+ COOKIE_SEPARATOR = "\n"
4
+
3
5
  def initialize(app)
4
6
  @app = app
5
7
  end
6
8
 
7
9
  def call(env)
8
- _status, headers, _body = @app.call(env)
9
- ensure
10
+ status, headers, body = @app.call(env)
10
11
  user_agent = env['HTTP_USER_AGENT']
11
12
 
12
- if headers && headers['Set-Cookie'] && !SameSiteCookieMiddleware.same_site_none_incompatible?(user_agent) &&
13
+ if headers && headers['Set-Cookie'] &&
14
+ !SameSiteCookieMiddleware.same_site_none_incompatible?(user_agent) &&
13
15
  ShopifyApp.configuration.enable_same_site_none
14
16
 
15
- cookies = headers['Set-Cookie'].split("\n").compact
16
-
17
- cookies.each do |cookie|
18
- unless cookie.include?("; SameSite")
19
- headers['Set-Cookie'] = headers['Set-Cookie'].gsub(cookie, "#{cookie}; secure; SameSite=None")
17
+ set_cookies = headers['Set-Cookie']
18
+ .split(COOKIE_SEPARATOR)
19
+ .compact
20
+ .map do |cookie|
21
+ cookie << '; Secure' if not cookie =~ /;\s*secure/i
22
+ cookie << '; SameSite=None' unless cookie =~ /;\s*samesite=/i
23
+ cookie
20
24
  end
21
- end
25
+
26
+ headers['Set-Cookie'] = set_cookies.join(COOKIE_SEPARATOR)
22
27
  end
28
+
29
+ [status, headers, body]
23
30
  end
24
31
 
25
32
  def self.same_site_none_incompatible?(user_agent)
@@ -1,3 +1,3 @@
1
1
  module ShopifyApp
2
- VERSION = '12.0.2'.freeze
2
+ VERSION = '12.0.3'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: shopify_app
3
3
  version: !ruby/object:Gem::Version
4
- version: 12.0.2
4
+ version: 12.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Shopify
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-02-11 00:00:00.000000000 Z
11
+ date: 2020-02-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: browser_sniffer