Class: ShopifyApp::SameSiteCookieMiddleware

Inherits:

Object

Object
ShopifyApp::SameSiteCookieMiddleware

Defined in:: lib/shopify_app/middleware/same_site_cookie_middleware.rb

Constant Summary collapse

COOKIE_SEPARATOR =

"\n"

Instance Method Summary collapse

#call(env) ⇒ Object
#initialize(app) ⇒ SameSiteCookieMiddleware constructor

A new instance of SameSiteCookieMiddleware.

Constructor Details

#initialize(app) ⇒ `SameSiteCookieMiddleware`

Returns a new instance of SameSiteCookieMiddleware.



5
6
7

# File 'lib/shopify_app/middleware/same_site_cookie_middleware.rb', line 5

def initialize(app)
  @app = app
end

Instance Method Details

#call(env) ⇒ `Object`

# File 'lib/shopify_app/middleware/same_site_cookie_middleware.rb', line 9

def call(env)
  status, headers, body = @app.call(env)
  user_agent = env['HTTP_USER_AGENT']

  if headers && headers['Set-Cookie'] &&
      BrowserSniffer.new(user_agent).same_site_none_compatible? &&
      ShopifyApp.configuration.enable_same_site_none &&
      Rack::Request.new(env).ssl?

    set_cookies = headers['Set-Cookie']
      .split(COOKIE_SEPARATOR)
      .compact
      .map do |cookie|
        cookie << '; Secure' if not cookie =~ /;\s*secure/i
        cookie << '; SameSite=None' unless cookie =~ /;\s*samesite=/i
        cookie
      end

    headers['Set-Cookie'] = set_cookies.join(COOKIE_SEPARATOR)
  end

  [status, headers, body]
end

Class: ShopifyApp::SameSiteCookieMiddleware

Constant Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(app) ⇒ SameSiteCookieMiddleware

Instance Method Details

#call(env) ⇒ Object

#initialize(app) ⇒ `SameSiteCookieMiddleware`

#call(env) ⇒ `Object`