utopia 2.12.0 → 2.12.1

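--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 9f1ccbf6d14948ea0dba9dc444126117dcecfec2723bd6bda6278c8cb61e33f2
- data.tar.gz: 5d3bceb49b3e9d08bb7a88720445238b3fd6603afdc2862c918afae33ebd70b0
+ metadata.gz: 4c2d73d64912a98e6049ac462aacbaee632e8052247865001683a938d88da895
+ data.tar.gz: 0444d50ea58f8e7e55127b08d9356cbb03d586ac31caba467e9c4b947f026bda
  SHA512:
- metadata.gz: 45e93d16075a9f89a49fe3f1797ce2e337fb95abdc5a286b9d85c88320920ce020e14285f80f48bc5c25d7f1b45d5378a05157c7bd7354a9f5b5787a2b5b413f
- data.tar.gz: d9cbdaf061fc4d22e6657318adb33e59d6df1b1b07e93150f705b481e0561a6dfd376c0afbecc3a946203dd9c3b05ae05f6c5b932bc54f6f2c345afc630a1d0c
+ metadata.gz: a2ec30fea649857f33a5fa458badd5e65d0ba0860c2753f613faec4bf5604fd1535adbe727487c463c5f57287748d777debe77d7329d4fccbde0942e1c25ccc6
+ data.tar.gz: d23b069e223b6c105de660b0f84365e0e4f56a1a8af94eaf48b5fc24c6389c122acec57854e2e539346a4841fc6b6620887cbdf5c68214b06cdd4aceab35fe6e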
@@ -73,7 +73,7 @@ module Utopia
73
73
  attr :root
74
74
 
75
75
  def links(path, **options)
76
- @links.index(path, options)
76
+ @links.index(path, **options)
77
77
  end
78
78
 
79
79
  def fetch_template(path)
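Review bot: `links` has no doc comment, and after this change it forwards every keyword it receives to `@links.index`, so the accepted options can only be found by reading that method. A one-line comment such as `# Look up the links for path; keyword options are passed through to @links.index unchanged.` would make the contract visible at the call site. The enclosing class starts and ends outside the hunk.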
@@ -50,9 +50,10 @@ module Utopia
50
50
 
51
51
  # @param session_name [String] The name of the session cookie.
52
52
  # @param secret [Array] The secret text used to generate a symetric encryption key for the coookie data.
53
+ # @param same_site [Symbol, String] Controls how the cookie is provided to the site.
53
54
  # @param expires_after [String] The cache-control header to set for static content.
54
55
  # @param options [Hash<Symbol,Object>] Additional defaults used for generating the cookie by `Rack::Utils.set_cookie_header!`.
55
- def initialize(app, session_name: RACK_SESSION, secret: nil, expires_after: DEFAULT_EXPIRES_AFTER, update_timeout: DEFAULT_UPDATE_TIMEOUT, secure: false, maximum_size: MAXIMUM_SIZE, **options)
56
+ def initialize(app, session_name: RACK_SESSION, secret: nil, expires_after: DEFAULT_EXPIRES_AFTER, update_timeout: DEFAULT_UPDATE_TIMEOUT, secure: false, same_site: :lax, maximum_size: MAXIMUM_SIZE, **options)
56
57
  @app = app
57
58
 
58
59
  @session_name = session_name
@@ -72,8 +73,13 @@ module Utopia
72
73
  @cookie_defaults = {
73
74
  domain: nil,
74
75
  path: "/",
76
+
77
+ # The SameSite attribute controls when the cookie is sent to the server, from 3rd parties (None), from requests with external referrers (Lax) or from within the site itself (Strict).
78
+ same_site: same_site,
79
+
75
80
  # The Secure attribute is meant to keep cookie communication limited to encrypted transmission, directing browsers to use cookies only via secure/encrypted connections. However, if a web server sets a cookie with a secure attribute from a non-secure connection, the cookie can still be intercepted when it is sent to the user by man-in-the-middle attacks. Therefore, for maximum security, cookies with the Secure attribute should only be set over a secure connection.
76
81
  secure: secure,
82
+
77
83
  # The HttpOnly attribute directs browsers not to expose cookies through channels other than HTTP (and HTTPS) requests. This means that the cookie cannot be accessed via client-side scripting languages (notably JavaScript), and therefore cannot be stolen easily via cross-site scripting (a pervasive attack technique).
78
84
  http_only: true,
79
85
  }.merge(options)
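Review bot: The new `same_site:` keyword in `initialize` is stored in `@cookie_defaults` without being checked against `secure:`, which still defaults to `false`. A caller who passes `same_site: :none` and leaves `secure` unset would get a cookie that current browsers reject, because `SameSite=None` is only accepted together with `Secure`, so the session would quietly stop persisting. I would guard this in the constructor, e.g. `raise ArgumentError, "same_site: :none requires secure: true" if same_site.to_s.casecmp?("none") && !secure`, and extend the `@param same_site` line to name the accepted values (`:none`, `:lax`, `:strict`) and the `:lax` default. The body of `initialize` begins and continues outside these two hunks, so an existing check elsewhere cannot be ruled out.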
@@ -21,5 +21,5 @@
21
21
  # THE SOFTWARE.
22
22
 
23
23
  module Utopia
24
- VERSION = "2.12.0"
24
+ VERSION = "2.12.1"
25
25
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: utopia
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.12.0
4
+ version: 2.12.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Samuel Williams