mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Allow for any possible TLD when using the :all option with the cookie session store. This works for subdomain.mysite.local, google.co.uk, google.com.au, etc. [#5147 state:resolved]
Signed-off-by: José Valim <jose.valim@gmail.com>
This commit is contained in:
parent
ada8c66ba0
commit
fd78bb7270
2 changed files with 47 additions and 9 deletions
|
@ -69,16 +69,26 @@ module ActionDispatch
|
|||
|
||||
class CookieJar < Hash #:nodoc:
|
||||
|
||||
# This regular expression is used to split the levels of a domain
|
||||
# So www.example.co.uk gives:
|
||||
# $1 => www.
|
||||
# $2 => example
|
||||
# $3 => co.uk
|
||||
DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/
|
||||
# This regular expression is used to split the levels of a domain.
|
||||
# The top level domain can be any string without a period or
|
||||
# **.**, ***.** style TLDs like co.uk or com.au
|
||||
#
|
||||
# www.example.co.uk gives:
|
||||
# $1 => example
|
||||
# $2 => co.uk
|
||||
#
|
||||
# example.com gives:
|
||||
# $1 => example
|
||||
# $2 => com
|
||||
#
|
||||
# lots.of.subdomains.example.local gives:
|
||||
# $1 => example
|
||||
# $2 => local
|
||||
DOMAIN_REGEXP = /([^.]*)\.([^.]*|..\...|...\...)$/
|
||||
|
||||
def self.build(request)
|
||||
secret = request.env[TOKEN_KEY]
|
||||
host = request.env["HTTP_HOST"]
|
||||
host = request.host
|
||||
|
||||
new(secret, host).tap do |hash|
|
||||
hash.update(request.cookies)
|
||||
|
@ -104,7 +114,7 @@ module ActionDispatch
|
|||
|
||||
if options[:domain] == :all
|
||||
@host =~ DOMAIN_REGEXP
|
||||
options[:domain] = ".#{$2}.#{$3}"
|
||||
options[:domain] = ".#{$1}.#{$2}"
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -232,6 +232,34 @@ class CookiesTest < ActionController::TestCase
|
|||
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com; path=/"
|
||||
end
|
||||
|
||||
def test_cookie_with_all_domain_option_using_a_non_standard_tld
|
||||
@request.host = "two.subdomains.nextangle.local"
|
||||
get :set_cookie_with_domain
|
||||
assert_response :success
|
||||
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/"
|
||||
end
|
||||
|
||||
def test_cookie_with_all_domain_option_using_australian_style_tld
|
||||
@request.host = "nextangle.com.au"
|
||||
get :set_cookie_with_domain
|
||||
assert_response :success
|
||||
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com.au; path=/"
|
||||
end
|
||||
|
||||
def test_cookie_with_all_domain_option_using_uk_style_tld
|
||||
@request.host = "nextangle.co.uk"
|
||||
get :set_cookie_with_domain
|
||||
assert_response :success
|
||||
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.co.uk; path=/"
|
||||
end
|
||||
|
||||
def test_cookie_with_all_domain_option_using_host_with_port
|
||||
@request.host = "nextangle.local:3000"
|
||||
get :set_cookie_with_domain
|
||||
assert_response :success
|
||||
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/"
|
||||
end
|
||||
|
||||
def test_deleting_cookie_with_all_domain_option
|
||||
get :delete_cookie_with_domain
|
||||
assert_response :success
|
||||
|
|
Loading…
Reference in a new issue