Class: ActionDispatch::Cookies::CookieJar

Inherits:

Object

• Object
• ActionDispatch::Cookies::CookieJar

Includes:

Enumerable

Defined in:

actionpack/lib/action_dispatch/middleware/cookies.rb

Overview

:nodoc:

Direct Known Subclasses

PermanentCookieJar, SignedCookieJar

Constant Summary

DOMAIN_REGEXP =

This regular expression is used to split the levels of a domain. The top level domain can be any string without a period or ., *. style TLDs like co.uk or com.au

www.example.co.uk gives: $& => example.co.uk

example.com gives: $& => example.com

lots.of.subdomains.example.local gives: $& => example.local

/[^.]*\.([^.]*|..\...|...\...)$/

Instance Attribute Summary

• #closed ⇒ Object (also: #closed?) readonly

  Returns the value of attribute closed.

Class Method Summary

• .build(request) ⇒ Object

Instance Method Summary

• #[](name) ⇒ Object

  Returns the value of the cookie by name, or nil if no such cookie exists.

• #[]=(key, options) ⇒ Object

  Sets the cookie named name.

• #close! ⇒ Object
• #delete(key, options = {}) ⇒ Object

  Removes the cookie on the client machine by setting the value to an empty string and setting its expiration date into the past.

• #each(&block) ⇒ Object
• #handle_options(options) ⇒ Object

  :nodoc:.

• #initialize(secret = nil, host = nil, secure = false) ⇒ CookieJar constructor

  A new instance of CookieJar.

• #key?(name) ⇒ Boolean (also: #has_key?)
• #permanent ⇒ Object

  Returns a jar that’ll automatically set the assigned cookies to have an expiration date 20 years from now.

• #signed ⇒ Object

  Returns a jar that’ll automatically generate a signed representation of cookie value and verify it when reading from the cookie again.

• #update(other_hash) ⇒ Object
• #write(headers) ⇒ Object

Methods included from Enumerable

#as_json, #each_with_object, #exclude?, #group_by, #index_by, #many?, #sum

Constructor Details

#initialize(secret = nil, host = nil, secure = false) ⇒ CookieJar

Returns a new instance of CookieJar.

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 113

def initialize(secret = nil, host = nil, secure = false)
  @secret = secret
  @set_cookies = {}
  @delete_cookies = {}
  @host = host
  @secure = secure
  @closed = false
  @cookies = {}
end

Instance Attribute Details

#closed ⇒ Object (readonly) Also known as: closed?

Returns the value of attribute closed

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 123

def closed
  @closed
end

Class Method Details

.build(request) ⇒ Object

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 103

def self.build(request)
  secret = request.env[TOKEN_KEY]
  host = request.host
  secure = request.ssl?

  new(secret, host, secure).tap do |hash|
    hash.update(request.cookies)
  end
end

Instance Method Details

#[](name) ⇒ Object

Returns the value of the cookie by name, or nil if no such cookie exists.

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 132

def [](name)
  @cookies[name.to_s]
end

#[]=(key, options) ⇒ Object

Sets the cookie named name. The second argument may be the very cookie value, or a hash of options as documented above.

Raises:

• (ClosedError)

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 166

def []=(key, options)
  raise ClosedError, :cookies if closed?
  if options.is_a?(Hash)
    options.symbolize_keys!
    value = options[:value]
  else
    value = options
    options = { :value => value }
  end

  value = @cookies[key.to_s] = value

  handle_options(options)

  @set_cookies[key.to_s] = options
  @delete_cookies.delete(key.to_s)
  value
end

#close! ⇒ Object

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 125

def close!; @closed = true end

#delete(key, options = {}) ⇒ Object

Removes the cookie on the client machine by setting the value to an empty string and setting its expiration date into the past. Like []=, you can pass in an options hash to delete cookies with extra data such as a :path.

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 188

def delete(key, options = {})
  options.symbolize_keys!

  handle_options(options)

  value = @cookies.delete(key.to_s)
  @delete_cookies[key.to_s] = options
  value
end

#each(&block) ⇒ Object

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 127

def each(&block)
  @cookies.each(&block)
end

#handle_options(options) ⇒ Object

:nodoc:

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 146

def handle_options(options) #:nodoc:
  options[:path] ||= "/"

  if options[:domain] == :all
    # if there is a provided tld length then we use it otherwise default domain regexp
    domain_regexp = options[:tld_length] ? /([^.]+\.?){#{options[:tld_length]}}$/ : DOMAIN_REGEXP

    # if host is not ip and matches domain regexp
    # (ip confirms to domain regexp so we explicitly check for ip)
    options[:domain] = if (@host !~ /^[\d.]+$/) && (@host =~ domain_regexp)
      ".#{$&}"
    end
  elsif options[:domain].is_a? Array
    # if host matches one of the supplied domains without a dot in front of it
    options[:domain] = options[:domain].find {|domain| @host.include? domain[/^\.?(.*)$/, 1] }
  end
end

#key?(name) ⇒ Boolean Also known as: has_key?

Returns:

• (Boolean)

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 136

def key?(name)
  @cookies.key?(name.to_s)
end

#permanent ⇒ Object

Returns a jar that’ll automatically set the assigned cookies to have an expiration date 20 years from now. Example:

cookies.permanent[:prefers_open_id] = true
# => Set-Cookie: prefers_open_id=true; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT

This jar is only meant for writing. You’ll read permanent cookies through the regular accessor.

This jar allows chaining with the signed jar as well, so you can set permanent, signed cookies. Examples:

cookies.permanent.signed[:remember_me] = current_user.id
# => Set-Cookie: remember_me=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 209

def permanent
  @permanent ||= PermanentCookieJar.new(self, @secret)
end

#signed ⇒ Object

Returns a jar that’ll automatically generate a signed representation of cookie value and verify it when reading from the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed cookie was tampered with by the user (or a 3rd party), an ActiveSupport::MessageVerifier::InvalidSignature exception will be raised.

This jar requires that you set a suitable secret for the verification on your app’s config.secret_token.

Example:

cookies.signed[:discount] = 45
# => Set-Cookie: discount=BAhpMg==--2c1c6906c90a3bc4fd54a51ffb41dffa4bf6b5f7; path=/

cookies.signed[:discount] # => 45

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 226

def signed
  @signed ||= SignedCookieJar.new(self, @secret)
end

#update(other_hash) ⇒ Object

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 141

def update(other_hash)
  @cookies.update other_hash
  self
end

#write(headers) ⇒ Object

# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 230

def write(headers)
  @set_cookies.each { |k, v| ::Rack::Utils.set_cookie_header!(headers, k, v) if write_cookie?(v) }
  @delete_cookies.each { |k, v| ::Rack::Utils.delete_cookie_header!(headers, k, v) }
end