Class: ActionDispatch::Cookies::CookieJar

Inherits:
Object
  • Object
show all
Includes:
Enumerable
Defined in:
lib/action_dispatch/middleware/cookies.rb

Overview

:nodoc:

Direct Known Subclasses

PermanentCookieJar, SignedCookieJar

Constant Summary collapse

DOMAIN_REGEXP =

This regular expression is used to split the levels of a domain. The top level domain can be any string without a period or ., *. style TLDs like co.uk or com.au

www.example.co.uk gives: $& => example.co.uk

example.com gives: $& => example.com

lots.of.subdomains.example.local gives: $& => example.local

/[^.]*\.([^.]*|..\...|...\...)$/

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(secret = nil, host = nil, secure = false) ⇒ CookieJar

Returns a new instance of CookieJar.



115
116
117
118
119
120
121
122
123
# File 'lib/action_dispatch/middleware/cookies.rb', line 115

def initialize(secret = nil, host = nil, secure = false)
  @secret = secret
  @set_cookies = {}
  @delete_cookies = {}
  @host = host
  @secure = secure
  @closed = false
  @cookies = {}
end

Class Method Details

.build(request) ⇒ Object



105
106
107
108
109
110
111
112
113
# File 'lib/action_dispatch/middleware/cookies.rb', line 105

def self.build(request)
  secret = request.env[TOKEN_KEY]
  host = request.host
  secure = request.ssl?

  new(secret, host, secure).tap do |hash|
    hash.update(request.cookies)
  end
end

Instance Method Details

#[](name) ⇒ Object

Returns the value of the cookie by name, or nil if no such cookie exists.



130
131
132
# File 'lib/action_dispatch/middleware/cookies.rb', line 130

def [](name)
  @cookies[name.to_s]
end

#[]=(key, options) ⇒ Object

Sets the cookie named name. The second argument may be the very cookie value, or a hash of options as documented above.



164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
# File 'lib/action_dispatch/middleware/cookies.rb', line 164

def []=(key, options)
  if options.is_a?(Hash)
    options.symbolize_keys!
    value = options[:value]
  else
    value = options
    options = { :value => value }
  end

  handle_options(options)

  if @cookies[key.to_s] != value or options[:expires]
    @cookies[key.to_s] = value
    @set_cookies[key.to_s] = options
    @delete_cookies.delete(key.to_s)
  end

  value
end

#clear(options = {}) ⇒ Object

Removes all cookies on the client machine by calling delete for each cookie



198
199
200
# File 'lib/action_dispatch/middleware/cookies.rb', line 198

def clear(options = {})
  @cookies.each_key{ |k| delete(k, options) }
end

#delete(key, options = {}) ⇒ Object

Removes the cookie on the client machine by setting the value to an empty string and setting its expiration date into the past. Like []=, you can pass in an options hash to delete cookies with extra data such as a :path.



187
188
189
190
191
192
193
194
195
# File 'lib/action_dispatch/middleware/cookies.rb', line 187

def delete(key, options = {})
  options.symbolize_keys!

  handle_options(options)

  value = @cookies.delete(key.to_s)
  @delete_cookies[key.to_s] = options
  value
end

#each(&block) ⇒ Object



125
126
127
# File 'lib/action_dispatch/middleware/cookies.rb', line 125

def each(&block)
  @cookies.each(&block)
end

#handle_options(options) ⇒ Object

:nodoc:



144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
# File 'lib/action_dispatch/middleware/cookies.rb', line 144

def handle_options(options) #:nodoc:
  options[:path] ||= "/"

  if options[:domain] == :all
    # if there is a provided tld length then we use it otherwise default domain regexp
    domain_regexp = options[:tld_length] ? /([^.]+\.?){#{options[:tld_length]}}$/ : DOMAIN_REGEXP

    # if host is not ip and matches domain regexp
    # (ip confirms to domain regexp so we explicitly check for ip)
    options[:domain] = if (@host !~ /^[\d.]+$/) && (@host =~ domain_regexp)
      ".#{$&}"
    end
  elsif options[:domain].is_a? Array
    # if host matches one of the supplied domains without a dot in front of it
    options[:domain] = options[:domain].find {|domain| @host.include? domain[/^\.?(.*)$/, 1] }
  end
end

#key?(name) ⇒ Boolean Also known as: has_key?

Returns:

  • (Boolean)


134
135
136
# File 'lib/action_dispatch/middleware/cookies.rb', line 134

def key?(name)
  @cookies.key?(name.to_s)
end

#permanentObject

Returns a jar that’ll automatically set the assigned cookies to have an expiration date 20 years from now. Example:

cookies.permanent[:prefers_open_id] = true
# => Set-Cookie: prefers_open_id=true; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT

This jar is only meant for writing. You’ll read permanent cookies through the regular accessor.

This jar allows chaining with the signed jar as well, so you can set permanent, signed cookies. Examples:

cookies.permanent.signed[:remember_me] = current_user.id
# => Set-Cookie: remember_me=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT


213
214
215
# File 'lib/action_dispatch/middleware/cookies.rb', line 213

def permanent
  @permanent ||= PermanentCookieJar.new(self, @secret)
end

#recycle!Object

:nodoc:



239
240
241
242
# File 'lib/action_dispatch/middleware/cookies.rb', line 239

def recycle! #:nodoc:
  @set_cookies.clear
  @delete_cookies.clear
end

#signedObject

Returns a jar that’ll automatically generate a signed representation of cookie value and verify it when reading from the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed cookie was tampered with by the user (or a 3rd party), an ActiveSupport::MessageVerifier::InvalidSignature exception will be raised.

This jar requires that you set a suitable secret for the verification on your app’s config.secret_token.

Example:

cookies.signed[:discount] = 45
# => Set-Cookie: discount=BAhpMg==--2c1c6906c90a3bc4fd54a51ffb41dffa4bf6b5f7; path=/

cookies.signed[:discount] # => 45


230
231
232
# File 'lib/action_dispatch/middleware/cookies.rb', line 230

def signed
  @signed ||= SignedCookieJar.new(self, @secret)
end

#update(other_hash) ⇒ Object



139
140
141
142
# File 'lib/action_dispatch/middleware/cookies.rb', line 139

def update(other_hash)
  @cookies.update other_hash.stringify_keys
  self
end

#write(headers) ⇒ Object



234
235
236
237
# File 'lib/action_dispatch/middleware/cookies.rb', line 234

def write(headers)
  @set_cookies.each { |k, v| ::Rack::Utils.set_cookie_header!(headers, k, v) if write_cookie?(v) }
  @delete_cookies.each { |k, v| ::Rack::Utils.delete_cookie_header!(headers, k, v) }
end