kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

remove request reference from chained jars

Browse source 
This changes the chained jars to ask the parent jar for the request
object which should eventually call back up to the original jar
This commit is contained in:
Aaron Patterson 2015-08-06 07:42:38 -07:00
parent f052e4ae58
commit e18ebd2e62
1 changed files with 25 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

47
actionpack/lib/action_dispatch/middleware/cookies.rb
View file

@ -150,7 +150,7 @@ module ActionDispatch
# cookies.permanent.signed[:remember_me] = current_user.id
# # => Set-Cookie: remember_me=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT
def permanent
@permanent ||= PermanentCookieJar.new(self, @request)
@permanent ||= PermanentCookieJar.new(self)
end
# Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from
@ -171,9 +171,9 @@ module ActionDispatch
def signed
@signed ||=
if upgrade_legacy_signed_cookies?
UpgradeLegacySignedCookieJar.new(self, @request)
UpgradeLegacySignedCookieJar.new(self)
else
SignedCookieJar.new(self, @request)
SignedCookieJar.new(self)
end
end
@ -194,9 +194,9 @@ module ActionDispatch
def encrypted
@encrypted ||=
if upgrade_legacy_signed_cookies?
UpgradeLegacyEncryptedCookieJar.new(self, @request)
UpgradeLegacyEncryptedCookieJar.new(self)
else
EncryptedCookieJar.new(self, @request)
EncryptedCookieJar.new(self)
end
end
@ -204,21 +204,25 @@ module ActionDispatch
# Used by ActionDispatch::Session::CookieStore to avoid the need to introduce new cookie stores.
def signed_or_encrypted
@signed_or_encrypted ||=
if @request.secret_key_base.present?
if request.secret_key_base.present?
encrypted
else
signed
end
end
protected
def request; @parent_jar.request; end
private
def upgrade_legacy_signed_cookies?
@request.secret_token.present? && @request.secret_key_base.present?
request.secret_token.present? && request.secret_key_base.present?
end
def key_generator
@request.key_generator
request.key_generator
end
end
@ -229,7 +233,7 @@ module ActionDispatch
module VerifyAndUpgradeLegacySignedMessage # :nodoc:
def initialize(*args)
super
@legacy_verifier = ActiveSupport::MessageVerifier.new(@request.secret_token, serializer: ActiveSupport::MessageEncryptor::NullSerializer)
@legacy_verifier = ActiveSupport::MessageVerifier.new(request.secret_token, serializer: ActiveSupport::MessageEncryptor::NullSerializer)
end
def verify_and_upgrade_legacy_signed_message(name, signed_message)
@ -264,6 +268,8 @@ module ActionDispatch
end
end
attr_reader :request
def initialize(request)
@set_cookies = {}
@delete_cookies = {}
@ -316,12 +322,12 @@ module ActionDispatch
# if host is not ip and matches domain regexp
# (ip confirms to domain regexp so we explicitly check for ip)
options[:domain] = if (@request.host !~ /^[\d.]+$/) && (@request.host =~ domain_regexp)
options[:domain] = if (request.host !~ /^[\d.]+$/) && (request.host =~ domain_regexp)
".#{$&}"
end
elsif options[:domain].is_a? Array
# if host matches one of the supplied domains without a dot in front of it
options[:domain] = options[:domain].find {|domain| @request.host.include? domain.sub(/^\./, '') }
options[:domain] = options[:domain].find {|domain| request.host.include? domain.sub(/^\./, '') }
end
end
@ -390,16 +396,15 @@ module ActionDispatch
private
def write_cookie?(cookie)
@request.ssl? || !cookie[:secure] || always_write_cookie
request.ssl? || !cookie[:secure] || always_write_cookie
end
end
class PermanentCookieJar #:nodoc:
include ChainedCookieJars
def initialize(parent_jar, request)
def initialize(parent_jar)
@parent_jar = parent_jar
@request = request
end
def [](name)
@ -433,7 +438,7 @@ module ActionDispatch
protected
def needs_migration?(value)
@request.cookies_serializer == :hybrid && value.start_with?(MARSHAL_SIGNATURE)
request.cookies_serializer == :hybrid && value.start_with?(MARSHAL_SIGNATURE)
end
def serialize(value)
@ -453,7 +458,7 @@ module ActionDispatch
end
def serializer
serializer = @request.cookies_serializer || :marshal
serializer = request.cookies_serializer || :marshal
case serializer
when :marshal
Marshal
@ -465,7 +470,7 @@ module ActionDispatch
end
def digest
@request.cookies_digest || 'SHA1'
request.cookies_digest || 'SHA1'
end
end
@ -473,9 +478,8 @@ module ActionDispatch
include ChainedCookieJars
include SerializedCookieJars
def initialize(parent_jar, request)
def initialize(parent_jar)
@parent_jar = parent_jar
@request = request
secret = key_generator.generate_key(request.signed_cookie_salt)
@verifier = ActiveSupport::MessageVerifier.new(secret, digest: digest, serializer: ActiveSupport::MessageEncryptor::NullSerializer)
end
@ -528,15 +532,14 @@ module ActionDispatch
include ChainedCookieJars
include SerializedCookieJars
def initialize(parent_jar, request)
@request = request
def initialize(parent_jar)
@parent_jar = parent_jar
if ActiveSupport::LegacyKeyGenerator === key_generator
raise "You didn't set secrets.secret_key_base, which is required for this cookie jar. " +
"Read the upgrade documentation to learn more about this new config option."
end
@parent_jar = parent_jar
secret = key_generator.generate_key(request.encrypted_cookie_salt || '')
sign_secret = key_generator.generate_key(request.encrypted_signed_cookie_salt || '')
@encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, digest: digest, serializer: ActiveSupport::MessageEncryptor::NullSerializer)