Class: Opener::Webservice::InputSanitizer
- Inherits: Object
- Defined in: lib/opener/webservice/input_sanitizer.rb
Overview
Sanitizes raw Sinatra input and component options.
Instance Method Summary
- #prepare_parameters(input) ⇒ Hash: Returns a Hash containing cleaned up pairs based on the input parameters.
- #whitelist_options(input, accepted) ⇒ Hash: Returns a Hash containing the whitelisted options to pass to a component.
Instance Method Details
#prepare_parameters(input) ⇒ Hash
Returns a Hash containing cleaned up pairs based on the input parameters. The keys of the returned Hash are String instances to prevent Symbol DoS attacks.
    # File 'lib/opener/webservice/input_sanitizer.rb', line 15
    def prepare_parameters(input)
      sanitized = {}

      input.each do |key, value|
        # Sinatra/Rack uses "on" for checked checkboxes.
        if value == 'true' or value == 'on'
          value = true
        elsif value == 'false'
          value = false
        end

        sanitized[key.to_s] = value
      end

      # Strip empty callback URLs (= default form values).
      if sanitized['callbacks']
        sanitized['callbacks'].reject! { |url| url.nil? || url.empty? }
      end

      if sanitized['error_callback'] and sanitized['error_callback'].empty?
        sanitized.delete('error_callback')
      end

      return sanitized
    end
#whitelist_options(input, accepted) ⇒ Hash
Returns a Hash containing the whitelisted options to pass to a component. Since components use Symbols for their options this Hash uses Symbols for its keys.
    # File 'lib/opener/webservice/input_sanitizer.rb', line 50
    def whitelist_options(input, accepted)
      whitelisted = {}

      input.each do |key, value|
        sym_key = key.to_sym

        if accepted.include?(sym_key)
          whitelisted[sym_key] = value
        end
      end

      return whitelisted
    end
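The whitelist_options source above calls key.to_sym on every key before checking the accepted list; on Rubies without Symbol GC (before 2.2) each distinct request key would stay interned. The following added example (not Opener code) shows a variant that matches keys as Strings so only accepted names come back as Symbols. The names ACCEPTED, RAW, prepare, whitelist_without_interning and interned? and the sample parameters are hypothetical.

```ruby
# Added example, not Opener code; all names below are hypothetical.
ACCEPTED = [:kaf, :language].freeze # constructed option list

# Same coercions as prepare_parameters: String keys, checkbox values to booleans.
def prepare(input)
  input.each_with_object({}) do |(key, value), out|
    value = true if value == 'true' || value == 'on'
    value = false if value == 'false'
    out[key.to_s] = value
  end
end

# Match keys as Strings; only names already in `accepted` are returned as
# Symbols, so a rejected key is never passed to to_sym.
def whitelist_without_interning(input, accepted)
  lookup = accepted.each_with_object({}) { |sym, map| map[sym.to_s] = sym }
  input.each_with_object({}) do |(key, value), out|
    sym = lookup[key.to_s]
    out[sym] = value if sym
  end
end

# True when a Symbol with this name exists in the running process.
def interned?(name)
  Symbol.all_symbols.any? { |sym| sym.to_s == name }
end

# Constructed request parameters, including one key the component does not accept.
RAW = { 'kaf' => 'on', 'language' => 'nl', 'zq_unlisted_key_7731' => '1' }.freeze

if __FILE__ == $PROGRAM_NAME
  options = whitelist_without_interning(prepare(RAW), ACCEPTED)
  p options
  p interned?('zq_unlisted_key_7731')
end
```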