respect do not track headers in trackable

2011-05-04 14:44:37 +02:00 · 2011-05-04 14:44:37 +02:00 · 89b53ea39c
parent 9cc69277bc
commit 89b53ea39c
2 changed files with 27 additions and 1 deletions
--- a/lib/devise/hooks/trackable.rb
+++ b/lib/devise/hooks/trackable.rb
@ -3,7 +3,7 @@
 # and on authentication. Retrieving the user from session (:fetch) does
 # not trigger it.
 Warden::Manager.after_set_user :except => :fetch do |record, warden, options|
-  if record.respond_to?(:update_tracked_fields!) && warden.authenticated?(options[:scope])
+  if record.respond_to?(:update_tracked_fields!) && warden.authenticated?(options[:scope]) && warden.request.headers['X-Do-Not-Track'].to_s != '1' && warden.request.headers['DNT'].to_s != '1'
    record.update_tracked_fields!(warden.request)
  end
 end
--- a/test/integration/trackable_test.rb
+++ b/test/integration/trackable_test.rb
@ -61,4 +61,30 @@ class TrackableHooksTest < ActionController::IntegrationTest
      assert_nil user.last_sign_in_at
    end
  end
+  
+  test "respect X-Do-Not-Track and DNT headers" do
+    user = create_user
+    sign_in_as_user do
+      header "X-Do-Not-Track" , "1"
+      header "DNT" , "0"
+    end
+    user.reload
+    assert_equal 0, user.sign_in_count
+    visit destroy_user_session_path
+    
+    sign_in_as_user do
+      header "X-Do-Not-Track" , "0"
+      header "DNT" , "1"
+    end
+    user.reload
+    assert_equal 0, user.sign_in_count
+    visit destroy_user_session_path
+    
+    sign_in_as_user do
+      header "X-Do-Not-Track" , "0"
+      header "DNT" , "0"
+    end
+    user.reload
+    assert_equal 1, user.sign_in_count
+  end
 end