RubyGems - utopia - Versions diffs - 2.12.0 → 2.12.1 - Mend

utopia 2.12.0 → 2.12.1

Files changed (5) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9f1ccbf6d14948ea0dba9dc444126117dcecfec2723bd6bda6278c8cb61e33f2
-  data.tar.gz: 5d3bceb49b3e9d08bb7a88720445238b3fd6603afdc2862c918afae33ebd70b0
+  metadata.gz: 4c2d73d64912a98e6049ac462aacbaee632e8052247865001683a938d88da895
+  data.tar.gz: 0444d50ea58f8e7e55127b08d9356cbb03d586ac31caba467e9c4b947f026bda
 SHA512:
-  metadata.gz: 45e93d16075a9f89a49fe3f1797ce2e337fb95abdc5a286b9d85c88320920ce020e14285f80f48bc5c25d7f1b45d5378a05157c7bd7354a9f5b5787a2b5b413f
-  data.tar.gz: d9cbdaf061fc4d22e6657318adb33e59d6df1b1b07e93150f705b481e0561a6dfd376c0afbecc3a946203dd9c3b05ae05f6c5b932bc54f6f2c345afc630a1d0c
+  metadata.gz: a2ec30fea649857f33a5fa458badd5e65d0ba0860c2753f613faec4bf5604fd1535adbe727487c463c5f57287748d777debe77d7329d4fccbde0942e1c25ccc6
+  data.tar.gz: d23b069e223b6c105de660b0f84365e0e4f56a1a8af94eaf48b5fc24c6389c122acec57854e2e539346a4841fc6b6620887cbdf5c68214b06cdd4aceab35fe6e

data/lib/utopia/content.rb CHANGED

@@ -73,7 +73,7 @@ module Utopia
 		attr :root
 		def links(path, **options)
-			@links.index(path, options)
+			@links.index(path, **options)
 		end
 		def fetch_template(path)

data/lib/utopia/session.rb CHANGED

@@ -50,9 +50,10 @@ module Utopia
 		# @param session_name [String] The name of the session cookie.
 		# @param secret [Array] The secret text used to generate a symetric encryption key for the coookie data.
+		# @param same_site [Symbol, String] Controls how the cookie is provided to the site.
 		# @param expires_after [String] The cache-control header to set for static content.
 		# @param options [Hash<Symbol,Object>] Additional defaults used for generating the cookie by `Rack::Utils.set_cookie_header!`.
-		def initialize(app, session_name: RACK_SESSION, secret: nil, expires_after: DEFAULT_EXPIRES_AFTER, update_timeout: DEFAULT_UPDATE_TIMEOUT, secure: false, maximum_size: MAXIMUM_SIZE, **options)
+		def initialize(app, session_name: RACK_SESSION, secret: nil, expires_after: DEFAULT_EXPIRES_AFTER, update_timeout: DEFAULT_UPDATE_TIMEOUT, secure: false, same_site: :lax, maximum_size: MAXIMUM_SIZE, **options)
 			@app = app
 			@session_name = session_name
@@ -72,8 +73,13 @@ module Utopia
 			@cookie_defaults = {
 				domain: nil,
 				path: "/",
+				# The SameSite attribute controls when the cookie is sent to the server, from 3rd parties (None), from requests with external referrers (Lax) or from within the site itself (Strict).
+				same_site: same_site,
 				# The Secure attribute is meant to keep cookie communication limited to encrypted transmission, directing browsers to use cookies only via secure/encrypted connections. However, if a web server sets a cookie with a secure attribute from a non-secure connection, the cookie can still be intercepted when it is sent to the user by man-in-the-middle attacks. Therefore, for maximum security, cookies with the Secure attribute should only be set over a secure connection.
 				secure: secure,
 				# The HttpOnly attribute directs browsers not to expose cookies through channels other than HTTP (and HTTPS) requests. This means that the cookie cannot be accessed via client-side scripting languages (notably JavaScript), and therefore cannot be stolen easily via cross-site scripting (a pervasive attack technique).
 				http_only: true,
 			}.merge(options)

data/lib/utopia/version.rb CHANGED

@@ -21,5 +21,5 @@
 # THE SOFTWARE.
 module Utopia
-	VERSION = "2.12.0"
+	VERSION = "2.12.1"
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: utopia
 version: !ruby/object:Gem::Version
-  version: 2.12.0
+  version: 2.12.1
 platform: ruby
 authors:
 - Samuel Williams