Class: ActionController::CgiRequest
Overview
Defined Under Namespace
Classes: SessionFixationAttempt
Constant Summary
collapse
- DEFAULT_SESSION_OPTIONS =
{
:database_manager => CGI::Session::CookieStore, :prefix => "ruby_sess.", :session_path => "/", :session_key => "_session_id",
:cookie_only => true
}
AbstractRequest::TRUSTED_PROXIES
Instance Attribute Summary collapse
#env
Instance Method Summary
collapse
#accepts, clean_up_ajax_request_body!, #content_length, #content_type, #delete?, #domain, extract_content_type_without_parameters, extract_multipart_boundary, #format, #format=, #get?, #head?, #headers, #host_with_port, #method, #parameters, parse_multipart_form_parameters, parse_query_parameters, parse_request_parameters, #path, #path_parameters, #path_parameters=, #port_string, #post?, #protocol, #put?, #raw_post, #relative_url_root, #remote_ip, #request_method, #request_uri, #server_software, #session=, #ssl?, #standard_port, #subdomains, #symbolized_path_parameters, #url, #xml_http_request?
Constructor Details
#initialize(cgi, session_options = {}) ⇒ CgiRequest
Returns a new instance of CgiRequest.
47
48
49
50
51
52
|
# File 'lib/action_controller/cgi_process.rb', line 47
def initialize(cgi, session_options = {})
@cgi = cgi
@session_options = session_options
@env = @cgi.send!(:env_table)
super()
end
|
Dynamic Method Handling
This class handles dynamic methods through the method_missing method
#method_missing(method_id, *arguments) ⇒ Object
146
147
148
|
# File 'lib/action_controller/cgi_process.rb', line 146
def method_missing(method_id, *arguments)
@cgi.send!(method_id, *arguments) rescue super
end
|
Instance Attribute Details
Returns the value of attribute cgi.
36
37
38
|
# File 'lib/action_controller/cgi_process.rb', line 36
def cgi
@cgi
end
|
#session_options ⇒ Object
Returns the value of attribute session_options.
36
37
38
|
# File 'lib/action_controller/cgi_process.rb', line 36
def session_options
@session_options
end
|
Instance Method Details
The request body is an IO input stream. If the RAW_POST_DATA environment variable is already set, wrap it in a StringIO.
65
66
67
68
69
70
71
|
# File 'lib/action_controller/cgi_process.rb', line 65
def body
if raw_post = env['RAW_POST_DATA']
StringIO.new(raw_post)
else
@cgi.stdinput
end
end
|
81
82
83
|
# File 'lib/action_controller/cgi_process.rb', line 81
def cookies
@cgi.cookies.freeze
end
|
97
98
99
|
# File 'lib/action_controller/cgi_process.rb', line 97
def host
host_with_port_without_standard_port_handling.sub(/:\d+$/, '')
end
|
#host_with_port_without_standard_port_handling ⇒ Object
85
86
87
88
89
90
91
92
93
94
95
|
# File 'lib/action_controller/cgi_process.rb', line 85
def host_with_port_without_standard_port_handling
if forwarded = env["HTTP_X_FORWARDED_HOST"]
forwarded.split(/,\s?/).last
elsif http_host = env['HTTP_HOST']
http_host
elsif server_name = env['SERVER_NAME']
server_name
else
"#{env['SERVER_ADDR']}:#{env['SERVER_PORT']}"
end
end
|
101
102
103
104
105
106
107
|
# File 'lib/action_controller/cgi_process.rb', line 101
def port
if host_with_port_without_standard_port_handling =~ /:(\d+)$/
$1.to_i
else
standard_port
end
end
|
#query_parameters ⇒ Object
73
74
75
|
# File 'lib/action_controller/cgi_process.rb', line 73
def query_parameters
@query_parameters ||= self.class.parse_query_parameters(query_string)
end
|
#query_string ⇒ Object
54
55
56
57
58
59
60
61
|
# File 'lib/action_controller/cgi_process.rb', line 54
def query_string
qs = @cgi.query_string if @cgi.respond_to?(:query_string)
if !qs.blank?
qs
else
super
end
end
|
#request_parameters ⇒ Object
77
78
79
|
# File 'lib/action_controller/cgi_process.rb', line 77
def request_parameters
@request_parameters ||= parse_formatted_request_parameters
end
|
#reset_session ⇒ Object
141
142
143
144
|
# File 'lib/action_controller/cgi_process.rb', line 141
def reset_session
@session.delete if defined?(@session) && @session.is_a?(CGI::Session)
@session = new_session
end
|
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
# File 'lib/action_controller/cgi_process.rb', line 109
def session
unless defined?(@session)
if @session_options == false
@session = Hash.new
else
stale_session_check! do
if cookie_only? && query_parameters[session_options_with_string_keys['session_key']]
raise SessionFixationAttempt
end
case value = session_options_with_string_keys['new_session']
when true
@session = new_session
when false
begin
@session = CGI::Session.new(@cgi, session_options_with_string_keys)
rescue ArgumentError
@session = Hash.new
end
when nil
@session = CGI::Session.new(@cgi, session_options_with_string_keys)
else
raise ArgumentError, "Invalid new_session option: #{value}"
end
@session['__valid_session']
end
end
end
@session
end
|