mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Took out the domain option logic to cookies.rb.
This commit is contained in:
parent
5609149d84
commit
f99132663b
3 changed files with 32 additions and 22 deletions
|
@ -45,7 +45,15 @@ module ActionDispatch
|
||||||
# * <tt>:value</tt> - The cookie's value or list of values (as an array).
|
# * <tt>:value</tt> - The cookie's value or list of values (as an array).
|
||||||
# * <tt>:path</tt> - The path for which this cookie applies. Defaults to the root
|
# * <tt>:path</tt> - The path for which this cookie applies. Defaults to the root
|
||||||
# of the application.
|
# of the application.
|
||||||
# * <tt>:domain</tt> - The domain for which this cookie applies.
|
# * <tt>:domain</tt> - The domain for which this cookie applies so you can
|
||||||
|
# restrict to the domain level. If you use a schema like www.example.com
|
||||||
|
# and want to share session with user.example.com set <tt>:domain</tt>
|
||||||
|
# to <tt>:all</tt>
|
||||||
|
#
|
||||||
|
# :domain => nil # Does not sets cookie domain. (default)
|
||||||
|
# :domain => :all # Allow the cookie for the top most level
|
||||||
|
# domain and subdomains.
|
||||||
|
#
|
||||||
# * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
|
# * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
|
||||||
# * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers.
|
# * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers.
|
||||||
# Default is +false+.
|
# Default is +false+.
|
||||||
|
@ -59,8 +67,17 @@ module ActionDispatch
|
||||||
class CookieOverflow < StandardError; end
|
class CookieOverflow < StandardError; end
|
||||||
|
|
||||||
class CookieJar < Hash #:nodoc:
|
class CookieJar < Hash #:nodoc:
|
||||||
|
|
||||||
|
# This regular expression is used to split the levels of a domain
|
||||||
|
# So www.example.co.uk gives:
|
||||||
|
# $1 => www.
|
||||||
|
# $2 => example
|
||||||
|
# $3 => co.uk
|
||||||
|
DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/
|
||||||
|
|
||||||
def self.build(request)
|
def self.build(request)
|
||||||
secret = request.env[TOKEN_KEY]
|
secret = request.env[TOKEN_KEY]
|
||||||
|
@@host = request.env["HTTP_HOST"]
|
||||||
new(secret).tap do |hash|
|
new(secret).tap do |hash|
|
||||||
hash.update(request.cookies)
|
hash.update(request.cookies)
|
||||||
end
|
end
|
||||||
|
@ -70,6 +87,7 @@ module ActionDispatch
|
||||||
@secret = secret
|
@secret = secret
|
||||||
@set_cookies = {}
|
@set_cookies = {}
|
||||||
@delete_cookies = {}
|
@delete_cookies = {}
|
||||||
|
|
||||||
super()
|
super()
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -92,6 +110,12 @@ module ActionDispatch
|
||||||
value = super(key.to_s, value)
|
value = super(key.to_s, value)
|
||||||
|
|
||||||
options[:path] ||= "/"
|
options[:path] ||= "/"
|
||||||
|
|
||||||
|
if options[:domain] == :all
|
||||||
|
@@host =~ DOMAIN_REGEXP
|
||||||
|
options[:domain] = ".#{$2}.#{$3}"
|
||||||
|
end
|
||||||
|
|
||||||
@set_cookies[key] = options
|
@set_cookies[key] = options
|
||||||
@delete_cookies.delete(key)
|
@delete_cookies.delete(key)
|
||||||
value
|
value
|
||||||
|
@ -103,6 +127,12 @@ module ActionDispatch
|
||||||
def delete(key, options = {})
|
def delete(key, options = {})
|
||||||
options.symbolize_keys!
|
options.symbolize_keys!
|
||||||
options[:path] ||= "/"
|
options[:path] ||= "/"
|
||||||
|
|
||||||
|
if options[:domain] == :all
|
||||||
|
@@host =~ DOMAIN_REGEXP
|
||||||
|
options[:domain] = ".#{$2}.#{$3}"
|
||||||
|
end
|
||||||
|
|
||||||
value = super(key.to_s)
|
value = super(key.to_s)
|
||||||
@delete_cookies[key] = options
|
@delete_cookies[key] = options
|
||||||
value
|
value
|
||||||
|
|
|
@ -93,13 +93,6 @@ module ActionDispatch
|
||||||
:cookie_only => true
|
:cookie_only => true
|
||||||
}
|
}
|
||||||
|
|
||||||
# This regular expression is used to split the levels of a domain:
|
|
||||||
# So www.example.co.uk gives:
|
|
||||||
# $1 => www.
|
|
||||||
# $2 => example
|
|
||||||
# $3 => co.uk
|
|
||||||
DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/
|
|
||||||
|
|
||||||
def initialize(app, options = {})
|
def initialize(app, options = {})
|
||||||
@app = app
|
@app = app
|
||||||
@default_options = DEFAULT_OPTIONS.merge(options)
|
@default_options = DEFAULT_OPTIONS.merge(options)
|
||||||
|
@ -129,11 +122,6 @@ module ActionDispatch
|
||||||
cookie[:expires] = Time.now + options.delete(:expire_after)
|
cookie[:expires] = Time.now + options.delete(:expire_after)
|
||||||
end
|
end
|
||||||
|
|
||||||
if options[:domain] == :all
|
|
||||||
env["HTTP_HOST"] =~ DOMAIN_REGEXP
|
|
||||||
options[:domain] = ".#{$2}.#{$3}"
|
|
||||||
end
|
|
||||||
|
|
||||||
request = ActionDispatch::Request.new(env)
|
request = ActionDispatch::Request.new(env)
|
||||||
set_cookie(request, cookie.merge!(options))
|
set_cookie(request, cookie.merge!(options))
|
||||||
end
|
end
|
||||||
|
|
|
@ -34,14 +34,6 @@ module ActionDispatch
|
||||||
# integrity defaults to 'SHA1' but may be any digest provided by OpenSSL,
|
# integrity defaults to 'SHA1' but may be any digest provided by OpenSSL,
|
||||||
# such as 'MD5', 'RIPEMD160', 'SHA256', etc.
|
# such as 'MD5', 'RIPEMD160', 'SHA256', etc.
|
||||||
#
|
#
|
||||||
# * <tt>:domain</tt>: Restrict the session cookie to certain domain level.
|
|
||||||
# If you use a schema like www.example.com and wants to share session
|
|
||||||
# with user.example.com set <tt>:domain</tt> to <tt>:all</tt>
|
|
||||||
#
|
|
||||||
# :domain => nil # Does not sets cookie domain. (default)
|
|
||||||
# :domain => :all # Allow the cookie for the top most level
|
|
||||||
# domain and subdomains.
|
|
||||||
#
|
|
||||||
# To generate a secret key for an existing application, run
|
# To generate a secret key for an existing application, run
|
||||||
# "rake secret" and set the key in config/environment.rb.
|
# "rake secret" and set the key in config/environment.rb.
|
||||||
#
|
#
|
||||||
|
|
Loading…
Reference in a new issue