Class: Rack::Protection::MaximumCookie

Inherits:

Object

• Object
• Rack::Protection::MaximumCookie

Defined in:

lib/rack/protection/maximum_cookie.rb,
lib/rack/protection/maximum_cookie/version.rb

Constant Summary

HEADER_SEP_RE =

%r{\r?\n|\0}.freeze

COOKIE_DOMAIN_RE =

%r{;\s*[Dd][Oo][Mm][Aa][Ii][Nn]=([^;]+)}.freeze

COOKIE_KEY_RE =

%r{\A[^=]+}.freeze

VERSION =

'0.4.2'.freeze

Instance Attribute Summary

• #app ⇒ Object readonly

  Returns the value of attribute app.

• #handler ⇒ Object readonly

  Returns the value of attribute handler.

• #public_suffix_list ⇒ Object readonly

  Returns the value of attribute public_suffix_list.

Instance Method Summary

• #bytesize_limit ⇒ Object
• #bytesize_limit? ⇒ Boolean
• #call(env) ⇒ Object
• #initialize(app, options = {}, &block) ⇒ MaximumCookie constructor

  A new instance of MaximumCookie.

• #limit ⇒ Object
• #limit? ⇒ Boolean
• #overhead ⇒ Object
• #per_domain? ⇒ Boolean
• #stateful? ⇒ Boolean
• #strict? ⇒ Boolean

Constructor Details

#initialize(app, options = {}, &block) ⇒ MaximumCookie

Returns a new instance of MaximumCookie.

# File 'lib/rack/protection/maximum_cookie.rb', line 66

def initialize(app, options={}, &block)
  @app = app
  @handler = block

  @options = {}.tap do |h|
    h[:limit] = Integer(options.fetch(:limit, 50))
    h[:bytesize_limit] = Integer(options.fetch(:bytesize_limit, 4_096))
    h[:overhead] = Integer(options.fetch(:overhead, 3))
    h[:stateful?] = !!options.fetch(:stateful?, options.fetch(:stateful, false))
    h[:strict?] = h[:stateful?] || !!options.fetch(:strict?, options.fetch(:strict, false))
    h[:per_domain?] = h[:strict?] || !!options.fetch(:per_domain?, options.fetch(:per_domain, true))

    h.freeze
  end

  if strict?
    # Allow non-ICANN domains to be handled the same as ICANN domains.
    @public_suffix_list = PublicSuffix::List.parse(::File.read(PublicSuffix::List::DEFAULT_LIST_PATH), :private_domains=>false)
  end

  unless limit? || bytesize_limit?
    abort 'No limits, nothing to do!'
  end
end

Instance Attribute Details

#app ⇒ Object (readonly)

Returns the value of attribute app.

# File 'lib/rack/protection/maximum_cookie.rb', line 30

def app
  @app
end

#handler ⇒ Object (readonly)

Returns the value of attribute handler.

# File 'lib/rack/protection/maximum_cookie.rb', line 31

def handler
  @handler
end

#public_suffix_list ⇒ Object (readonly)

Returns the value of attribute public_suffix_list.

# File 'lib/rack/protection/maximum_cookie.rb', line 32

def public_suffix_list
  @public_suffix_list
end

Instance Method Details

#bytesize_limit ⇒ Object

# File 'lib/rack/protection/maximum_cookie.rb', line 42

def bytesize_limit
  @options[:bytesize_limit]
end

#bytesize_limit? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/protection/maximum_cookie.rb', line 46

def bytesize_limit?
  @options[:bytesize_limit] >= 0
end

#call(env) ⇒ Object

# File 'lib/rack/protection/maximum_cookie.rb', line 91

def call(env)
  status, headers, body = app.call(env)
  if headers.key?(SET_COOKIE)
    check_cookies env, Rack::Request.new(env),
      normalize_cookie_header(headers[SET_COOKIE])
  end
  [status, headers, body]
end

#limit ⇒ Object

# File 'lib/rack/protection/maximum_cookie.rb', line 34

def limit
  @options[:limit]
end

#limit? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/protection/maximum_cookie.rb', line 38

def limit?
  @options[:limit] >= 0
end

#overhead ⇒ Object

# File 'lib/rack/protection/maximum_cookie.rb', line 50

def overhead
  @options[:overhead]
end

#per_domain? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/protection/maximum_cookie.rb', line 54

def per_domain?
  @options[:per_domain?]
end

#stateful? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/protection/maximum_cookie.rb', line 62

def stateful?
  @options[:stateful?]
end

#strict? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/rack/protection/maximum_cookie.rb', line 58

def strict?
  @options[:strict?]
end