Class: ActionDispatch::Cookies::CookieJar
- Inherits:
-
Object
- Object
- ActionDispatch::Cookies::CookieJar
- Includes:
- Enumerable
- Defined in:
- lib/action_dispatch/middleware/cookies.rb
Overview
:nodoc:
Direct Known Subclasses
Constant Summary collapse
- DOMAIN_REGEXP =
This regular expression is used to split the levels of a domain. The top level domain can be any string without a period or ., *. style TLDs like co.uk or com.au
www.example.co.uk gives: $& => example.co.uk
example.com gives: $& => example.com
lots.of.subdomains.example.local gives: $& => example.local
/[^.]*\.([^.]*|..\...|...\...)$/
Class Method Summary collapse
Instance Method Summary collapse
-
#[](name) ⇒ Object
Returns the value of the cookie by
name
, ornil
if no such cookie exists. -
#[]=(key, options) ⇒ Object
Sets the cookie named
name
. -
#clear(options = {}) ⇒ Object
Removes all cookies on the client machine by calling
delete
for each cookie. -
#delete(key, options = {}) ⇒ Object
Removes the cookie on the client machine by setting the value to an empty string and setting its expiration date into the past.
- #each(&block) ⇒ Object
-
#handle_options(options) ⇒ Object
:nodoc:.
-
#initialize(secret = nil, host = nil, secure = false) ⇒ CookieJar
constructor
A new instance of CookieJar.
- #key?(name) ⇒ Boolean (also: #has_key?)
-
#permanent ⇒ Object
Returns a jar that’ll automatically set the assigned cookies to have an expiration date 20 years from now.
-
#recycle! ⇒ Object
:nodoc:.
-
#signed ⇒ Object
Returns a jar that’ll automatically generate a signed representation of cookie value and verify it when reading from the cookie again.
- #update(other_hash) ⇒ Object
- #write(headers) ⇒ Object
Constructor Details
#initialize(secret = nil, host = nil, secure = false) ⇒ CookieJar
Returns a new instance of CookieJar.
115 116 117 118 119 120 121 122 123 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 115 def initialize(secret = nil, host = nil, secure = false) @secret = secret @set_cookies = {} @delete_cookies = {} @host = host @secure = secure @closed = false @cookies = {} end |
Class Method Details
.build(request) ⇒ Object
105 106 107 108 109 110 111 112 113 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 105 def self.build(request) secret = request.env[TOKEN_KEY] host = request.host secure = request.ssl? new(secret, host, secure).tap do |hash| hash.update(request.) end end |
Instance Method Details
#[](name) ⇒ Object
Returns the value of the cookie by name
, or nil
if no such cookie exists.
130 131 132 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 130 def [](name) @cookies[name.to_s] end |
#[]=(key, options) ⇒ Object
Sets the cookie named name
. The second argument may be the very cookie value, or a hash of options as documented above.
164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 164 def []=(key, ) if .is_a?(Hash) .symbolize_keys! value = [:value] else value = = { :value => value } end @cookies[key.to_s] = value () @set_cookies[key.to_s] = @delete_cookies.delete(key.to_s) value end |
#clear(options = {}) ⇒ Object
Removes all cookies on the client machine by calling delete
for each cookie
196 197 198 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 196 def clear( = {}) @cookies.each_key{ |k| delete(k, ) } end |
#delete(key, options = {}) ⇒ Object
Removes the cookie on the client machine by setting the value to an empty string and setting its expiration date into the past. Like []=
, you can pass in an options hash to delete cookies with extra data such as a :path
.
185 186 187 188 189 190 191 192 193 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 185 def delete(key, = {}) .symbolize_keys! () value = @cookies.delete(key.to_s) @delete_cookies[key.to_s] = value end |
#each(&block) ⇒ Object
125 126 127 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 125 def each(&block) @cookies.each(&block) end |
#handle_options(options) ⇒ Object
:nodoc:
144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 144 def () #:nodoc: [:path] ||= "/" if [:domain] == :all # if there is a provided tld length then we use it otherwise default domain regexp domain_regexp = [:tld_length] ? /([^.]+\.?){#{[:tld_length]}}$/ : DOMAIN_REGEXP # if host is not ip and matches domain regexp # (ip confirms to domain regexp so we explicitly check for ip) [:domain] = if (@host !~ /^[\d.]+$/) && (@host =~ domain_regexp) ".#{$&}" end elsif [:domain].is_a? Array # if host matches one of the supplied domains without a dot in front of it [:domain] = [:domain].find {|domain| @host.include? domain[/^\.?(.*)$/, 1] } end end |
#key?(name) ⇒ Boolean Also known as: has_key?
134 135 136 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 134 def key?(name) @cookies.key?(name.to_s) end |
#permanent ⇒ Object
Returns a jar that’ll automatically set the assigned cookies to have an expiration date 20 years from now. Example:
.permanent[:prefers_open_id] = true
# => Set-Cookie: prefers_open_id=true; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT
This jar is only meant for writing. You’ll read permanent cookies through the regular accessor.
This jar allows chaining with the signed jar as well, so you can set permanent, signed cookies. Examples:
.permanent.signed[:remember_me] = current_user.id
# => Set-Cookie: remember_me=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT
211 212 213 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 211 def permanent @permanent ||= PermanentCookieJar.new(self, @secret) end |
#recycle! ⇒ Object
:nodoc:
237 238 239 240 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 237 def recycle! #:nodoc: @set_cookies.clear @delete_cookies.clear end |
#signed ⇒ Object
Returns a jar that’ll automatically generate a signed representation of cookie value and verify it when reading from the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed cookie was tampered with by the user (or a 3rd party), an ActiveSupport::MessageVerifier::InvalidSignature exception will be raised.
This jar requires that you set a suitable secret for the verification on your app’s config.secret_token.
Example:
.signed[:discount] = 45
# => Set-Cookie: discount=BAhpMg==--2c1c6906c90a3bc4fd54a51ffb41dffa4bf6b5f7; path=/
.signed[:discount] # => 45
228 229 230 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 228 def signed @signed ||= SignedCookieJar.new(self, @secret) end |
#update(other_hash) ⇒ Object
139 140 141 142 |
# File 'lib/action_dispatch/middleware/cookies.rb', line 139 def update(other_hash) @cookies.update other_hash.stringify_keys self end |