Class: ActionController::CgiRequest

Inherits:
AbstractRequest show all
Defined in:
lib/action_controller/cgi_process.rb

Overview

:nodoc:

Defined Under Namespace

Classes: SessionFixationAttempt

Constant Summary collapse

DEFAULT_SESSION_OPTIONS = 
{
  :database_manager => CGI::Session::PStore,
  :prefix           => "ruby_sess.",
  :session_path     => "/",
  :cookie_only      => true
}

Instance Attribute Summary collapse

Attributes inherited from AbstractRequest

#env

Instance Method Summary collapse

Methods inherited from AbstractRequest

#accepts, #content_type, #delete?, #domain, #formatted_post?, #get?, #head?, #method, #parameters, #path, #path_parameters, #path_parameters=, #port_string, #post?, #post_format, #protocol, #put?, #raw_post, #relative_url_root, #remote_ip, #request_uri, #server_software, #session=, #ssl?, #standard_port, #subdomains, #symbolized_path_parameters, #xml_http_request?, #xml_post?, #yaml_post?

Constructor Details

#initialize(cgi, session_options = {}) ⇒ CgiRequest

Returns a new instance of CgiRequest.



49
50
51
52
53
54
55
 
# File 'lib/action_controller/cgi_process.rb', line 49

def initialize(cgi, session_options = {})
  @cgi = cgi
  @session_options = session_options
  @env = @cgi.send(:env_table)
  @cookie_only = session_options.delete :cookie_only
  super()
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(method_id, *arguments) ⇒ Object 



148
149
150
 
# File 'lib/action_controller/cgi_process.rb', line 148

def method_missing(method_id, *arguments)
  @cgi.send(method_id, *arguments) rescue super
end

Instance Attribute Details

#cgiObject

Returns the value of attribute cgi.



39
40
41
 
# File 'lib/action_controller/cgi_process.rb', line 39

def cgi
  @cgi
end

#cookie_onlyObject

Returns the value of attribute cookie_only.



39
40
41
 
# File 'lib/action_controller/cgi_process.rb', line 39

def cookie_only
  @cookie_only
end

#session_optionsObject

Returns the value of attribute session_options.



39
40
41
 
# File 'lib/action_controller/cgi_process.rb', line 39

def session_options
  @session_options
end

Instance Method Details

#cookiesObject 



83
84
85
 
# File 'lib/action_controller/cgi_process.rb', line 83

def cookies
  @cgi.cookies.freeze
end

#hostObject 



99
100
101
 
# File 'lib/action_controller/cgi_process.rb', line 99

def host
  host_with_port[/^[^:]+/]
end

#host_with_portObject 



87
88
89
90
91
92
93
94
95
96
97
 
# File 'lib/action_controller/cgi_process.rb', line 87

def host_with_port
  if forwarded = env["HTTP_X_FORWARDED_HOST"]
    forwarded.split(/,\s?/).last
  elsif http_host = env['HTTP_HOST']
    http_host
  elsif server_name = env['SERVER_NAME']
    server_name
  else
    "#{env['SERVER_ADDR']}:#{env['SERVER_PORT']}"
  end
end

#portObject 



103
104
105
106
107
108
109
 
# File 'lib/action_controller/cgi_process.rb', line 103

def port
  if host_with_port =~ /:(\d+)$/
    $1.to_i
  else
    standard_port
  end
end

#query_parametersObject 



69
70
71
72
 
# File 'lib/action_controller/cgi_process.rb', line 69

def query_parameters
  @query_parameters ||=
    (qs = self.query_string).empty? ? {} : CGIMethods.parse_query_parameters(qs)
end

#query_stringObject 



57
58
59
60
61
62
63
64
65
66
67
 
# File 'lib/action_controller/cgi_process.rb', line 57

def query_string
  if (qs = @cgi.query_string) && !qs.empty?
    qs
  elsif uri = @env['REQUEST_URI']
    parts = uri.split('?')
    parts.shift
    parts.join('?')
  else
    @env['QUERY_STRING'] || ''
  end
end

#request_parametersObject 



74
75
76
77
78
79
80
81
 
# File 'lib/action_controller/cgi_process.rb', line 74

def request_parameters
  @request_parameters ||=
    if ActionController::Base.param_parsers.has_key?(content_type)
      CGIMethods.parse_formatted_request_parameters(content_type, @env['RAW_POST_DATA'])
    else
      CGIMethods.parse_request_parameters(@cgi.params)
    end
end

#reset_sessionObject 



143
144
145
146
 
# File 'lib/action_controller/cgi_process.rb', line 143

def reset_session
  @session.delete if defined?(@session) && @session.is_a?(CGI::Session)
  @session = new_session
end

#sessionObject 



111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
 
# File 'lib/action_controller/cgi_process.rb', line 111

def session
  unless defined?(@session)
    if @session_options == false
      @session = Hash.new
    else
      stale_session_check! do
        if @cookie_only && request_parameters[session_options_with_string_keys['session_key']]
          raise SessionFixationAttempt
        end
        case value = session_options_with_string_keys['new_session']
          when true
            @session = new_session
          when false
            begin
              @session = CGI::Session.new(@cgi, session_options_with_string_keys)
            # CGI::Session raises ArgumentError if 'new_session' == false
            # and no session cookie or query param is present.
            rescue ArgumentError
              @session = Hash.new
            end
          when nil
            @session = CGI::Session.new(@cgi, session_options_with_string_keys)
          else
            raise ArgumentError, "Invalid new_session option: #{value}"
        end
        @session['__valid_session']
      end
    end
  end
  @session
end