Class: ActionDispatch::Cookies::CookieJar

Inherits:

Object

• Object
• ActionDispatch::Cookies::CookieJar

Includes:

ChainedCookieJars, Enumerable

Defined in:

lib/action_dispatch/middleware/cookies.rb

Overview

:nodoc:

Direct Known Subclasses

ActionController::RequestForgeryProtection::ProtectionMethods::NullSession::NullCookieJar

Constant Summary

DOMAIN_REGEXP =

This regular expression is used to split the levels of a domain. The top level domain can be any string without a period or ., *. style TLDs like co.uk or com.au

www.example.co.uk gives: $& => example.co.uk

example.com gives: $& => example.com

lots.of.subdomains.example.local gives: $& => example.local

/[^.]*\.([^.]*|..\...|...\...)$/

Class Method Summary

• .build(request) ⇒ Object
• .options_for_env(env) ⇒ Object

  :nodoc:.

Instance Method Summary

• #[](name) ⇒ Object

  Returns the value of the cookie by name, or nil if no such cookie exists.

• #[]=(name, options) ⇒ Object

  Sets the cookie named name.

• #clear(options = {}) ⇒ Object

  Removes all cookies on the client machine by calling delete for each cookie.

• #commit! ⇒ Object
• #committed? ⇒ Boolean
• #delete(name, options = {}) ⇒ Object

  Removes the cookie on the client machine by setting the value to an empty string and the expiration date in the past.

• #deleted?(name, options = {}) ⇒ Boolean

  Whether the given cookie is to be deleted by this CookieJar.

• #each(&block) ⇒ Object
• #fetch(name, *args, &block) ⇒ Object
• #handle_options(options) ⇒ Object

  :nodoc:.

• #initialize(key_generator, host = nil, secure = false, options = {}) ⇒ CookieJar constructor

  A new instance of CookieJar.

• #key?(name) ⇒ Boolean (also: #has_key?)
• #recycle! ⇒ Object

  :nodoc:.

• #update(other_hash) ⇒ Object
• #write(headers) ⇒ Object

Methods included from ChainedCookieJars

#encrypted, #permanent, #signed, #signed_or_encrypted

Constructor Details

#initialize(key_generator, host = nil, secure = false, options = {}) ⇒ CookieJar

Returns a new instance of CookieJar.

# File 'lib/action_dispatch/middleware/cookies.rb', line 241

def initialize(key_generator, host = nil, secure = false, options = {})
  @key_generator = key_generator
  @set_cookies = {}
  @delete_cookies = {}
  @host = host
  @secure = secure
  @options = options
  @cookies = {}
  @committed = false
end

Class Method Details

.build(request) ⇒ Object

# File 'lib/action_dispatch/middleware/cookies.rb', line 228

def self.build(request)
  env = request.env
  key_generator = env[GENERATOR_KEY]
  options = options_for_env env

  host = request.host
  secure = request.ssl?

  new(key_generator, host, secure, options).tap do |hash|
    hash.update(request.cookies)
  end
end

.options_for_env(env) ⇒ Object

:nodoc:

# File 'lib/action_dispatch/middleware/cookies.rb', line 216

def self.options_for_env(env) #:nodoc:
  { signed_cookie_salt: env[SIGNED_COOKIE_SALT] || '',
    encrypted_cookie_salt: env[ENCRYPTED_COOKIE_SALT] || '',
    encrypted_signed_cookie_salt: env[ENCRYPTED_SIGNED_COOKIE_SALT] || '',
    secret_token: env[SECRET_TOKEN],
    secret_key_base: env[SECRET_KEY_BASE],
    upgrade_legacy_signed_cookies: env[SECRET_TOKEN].present? && env[SECRET_KEY_BASE].present?,
    serializer: env[COOKIES_SERIALIZER],
    digest: env[COOKIES_DIGEST]
  }
end

Instance Method Details

#[](name) ⇒ Object

Returns the value of the cookie by name, or nil if no such cookie exists.

# File 'lib/action_dispatch/middleware/cookies.rb', line 265

def [](name)
  @cookies[name.to_s]
end

#[]=(name, options) ⇒ Object

Sets the cookie named name. The second argument may be the cookie’s value or a hash of options as documented above.

# File 'lib/action_dispatch/middleware/cookies.rb', line 303

def []=(name, options)
  if options.is_a?(Hash)
    options.symbolize_keys!
    value = options[:value]
  else
    value = options
    options = { :value => value }
  end

  handle_options(options)

  if @cookies[name.to_s] != value || options[:expires]
    @cookies[name.to_s] = value
    @set_cookies[name.to_s] = options
    @delete_cookies.delete(name.to_s)
  end

  value
end

#clear(options = {}) ⇒ Object

Removes all cookies on the client machine by calling delete for each cookie

# File 'lib/action_dispatch/middleware/cookies.rb', line 347

def clear(options = {})
  @cookies.each_key{ |k| delete(k, options) }
end

#commit! ⇒ Object

# File 'lib/action_dispatch/middleware/cookies.rb', line 254

def commit!
  @committed = true
  @set_cookies.freeze
  @delete_cookies.freeze
end

#committed? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/action_dispatch/middleware/cookies.rb', line 252

def committed?; @committed; end

#delete(name, options = {}) ⇒ Object

Removes the cookie on the client machine by setting the value to an empty string and the expiration date in the past. Like []=, you can pass in an options hash to delete cookies with extra data such as a :path.

# File 'lib/action_dispatch/middleware/cookies.rb', line 326

def delete(name, options = {})
  return unless @cookies.has_key? name.to_s

  options.symbolize_keys!
  handle_options(options)

  value = @cookies.delete(name.to_s)
  @delete_cookies[name.to_s] = options
  value
end

#deleted?(name, options = {}) ⇒ Boolean

Whether the given cookie is to be deleted by this CookieJar. Like []=, you can pass in an options hash to test if a deletion applies to a specific :path, :domain etc.

Returns:

• (Boolean)

# File 'lib/action_dispatch/middleware/cookies.rb', line 340

def deleted?(name, options = {})
  options.symbolize_keys!
  handle_options(options)
  @delete_cookies[name.to_s] == options
end

#each(&block) ⇒ Object

# File 'lib/action_dispatch/middleware/cookies.rb', line 260

def each(&block)
  @cookies.each(&block)
end

#fetch(name, *args, &block) ⇒ Object

# File 'lib/action_dispatch/middleware/cookies.rb', line 269

def fetch(name, *args, &block)
  @cookies.fetch(name.to_s, *args, &block)
end

#handle_options(options) ⇒ Object

:nodoc:

# File 'lib/action_dispatch/middleware/cookies.rb', line 283

def handle_options(options) #:nodoc:
  options[:path] ||= "/"

  if options[:domain] == :all
    # if there is a provided tld length then we use it otherwise default domain regexp
    domain_regexp = options[:tld_length] ? /([^.]+\.?){#{options[:tld_length]}}$/ : DOMAIN_REGEXP

    # if host is not ip and matches domain regexp
    # (ip confirms to domain regexp so we explicitly check for ip)
    options[:domain] = if (@host !~ /^[\d.]+$/) && (@host =~ domain_regexp)
      ".#{$&}"
    end
  elsif options[:domain].is_a? Array
    # if host matches one of the supplied domains without a dot in front of it
    options[:domain] = options[:domain].find {|domain| @host.include? domain.sub(/^\./, '') }
  end
end

#key?(name) ⇒ Boolean Also known as: has_key?

Returns:

• (Boolean)

# File 'lib/action_dispatch/middleware/cookies.rb', line 273

def key?(name)
  @cookies.key?(name.to_s)
end

#recycle! ⇒ Object

:nodoc:

# File 'lib/action_dispatch/middleware/cookies.rb', line 356

def recycle! #:nodoc:
  @set_cookies = {}
  @delete_cookies = {}
end

#update(other_hash) ⇒ Object

# File 'lib/action_dispatch/middleware/cookies.rb', line 278

def update(other_hash)
  @cookies.update other_hash.stringify_keys
  self
end

#write(headers) ⇒ Object

# File 'lib/action_dispatch/middleware/cookies.rb', line 351

def write(headers)
  @set_cookies.each { |k, v| ::Rack::Utils.set_cookie_header!(headers, k, v) if write_cookie?(v) }
  @delete_cookies.each { |k, v| ::Rack::Utils.delete_cookie_header!(headers, k, v) }
end