Class: Contrast::Framework::Sinatra::Patch::EncryptedSessionCookie

Inherits:
Rack::Patch::SessionCookie
Extended by:
Components::Logger::InstanceMethods, Components::Scope::InstanceMethods, Utils::InvalidConfigurationUtil
Defined in:
lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb

Overview

Our patch into the Rack::Protection::EncryptedCookie class, which replaces Rack::Session::Cookie in Sinatra 3.0. It allows runtime detection of insecure configurations on individual cookies within the application.

Constant Summary

Constants included from Utils::InvalidConfigurationUtil

Utils::InvalidConfigurationUtil::CS__PATH, Utils::InvalidConfigurationUtil::CS__SESSION_ID, Utils::InvalidConfigurationUtil::CS__SNIPPET

Constants inherited from Rack::Patch::SessionCookie

Rack::Patch::SessionCookie::CS__HTTPONLY_NAME, Rack::Patch::SessionCookie::CS__SECURE_RULE_NAME, Rack::Patch::SessionCookie::CS__SESSION_TIMEOUT_NAME, Rack::Patch::SessionCookie::SAFE_SESSION_TIMEOUT

Class Method Summary

Methods included from Utils::InvalidConfigurationUtil

cs__report_finding

Methods included from Components::Scope::InstanceMethods

contrast_enter_method_scopes!, contrast_exit_method_scopes!, with_app_scope, with_contrast_scope, with_deserialization_scope, with_split_scope

Methods included from Components::Logger::InstanceMethods

cef_logger, logger

Methods inherited from Rack::Patch::SessionCookie

analyze

Class Method Details

.instrument ⇒ Object

# File 'lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb', line 22

def instrument
  @_instrument ||= begin
    ::Rack::Protection::EncryptedCookie.class_eval do
      alias_method(:cs__patched_initialize, :initialize)
      def initialize app, options = {} # rubocop:disable Style/OptionHash, Lint/MissingSuper
        Contrast::Framework::Sinatra::Patch::EncryptedSessionCookie.analyze(options)
        cs__patched_initialize(app, options)
      end
    end
    true
  end
end
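
The same constructor-wrapping pattern, shown as an added example that is not Contrast's own code: it patches a stand-in class so it runs without the rack-protection gem, and shows why the `@_instrument ||=` guard matters when `instrument` is called more than once. Assumptions: `DemoEncryptedCookie`, `DemoCookieAudit`, the rule names, the 30-minute threshold and the requirement that both flags be explicitly `true` are all hypothetical; the page does not show what `analyze` checks or the value of `SAFE_SESSION_TIMEOUT`.

```ruby
# Stand-in middleware (hypothetical), so the example runs without rack-protection.
class DemoEncryptedCookie
  attr_reader :app, :options

  def initialize(app, options = {})
    @app = app
    @options = options
  end
end

module DemoCookieAudit
  ASSUMED_SAFE_TIMEOUT = 30 * 60 # seconds; assumed, the page gives no value
  FINDINGS = []                  # collected reports; stands in for a reporter

  class << self
    # Return the names of the (constructed) rules an options hash violates.
    # Assumption: a flag counts as set only when it is explicitly true.
    def analyze(options)
      rules = []
      rules << 'secure-flag-missing' unless options[:secure] == true
      rules << 'httponly-flag-missing' unless options[:httponly] == true
      timeout = options[:expire_after]
      rules << 'session-timeout' if timeout.is_a?(Numeric) && timeout > ASSUMED_SAFE_TIMEOUT
      FINDINGS << { options: options, rules: rules } unless rules.empty?
      rules
    end

    # Wrap the constructor exactly once. A second alias_method would point the
    # alias at the wrapper itself, and every construction would recurse forever.
    def instrument
      @_instrument ||= begin
        DemoEncryptedCookie.class_eval do
          alias_method(:demo__original_initialize, :initialize)
          def initialize(app, options = {})
            DemoCookieAudit.analyze(options)         # inspect before delegating
            demo__original_initialize(app, options)  # original behaviour is kept
          end
        end
        true
      end
    end
  end
end

# Constructed usage: options that leave both flags off and set a one-day expiry.
DemoCookieAudit.instrument
DemoEncryptedCookie.new(:app, { secret: 'constructed', expire_after: 86_400 })
p DemoCookieAudit::FINDINGS.last[:rules]
```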