aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_dispatch/middleware/cookies.rb
diff options
context:
space:
mode:
authorRizwan Reza <rizwanreza@gmail.com>2010-06-11 13:30:35 +0430
committerJosé Valim <jose.valim@gmail.com>2010-06-11 16:34:52 +0200
commitf99132663b2ceee56f6e02ada396a911e4e20da2 (patch)
treea6e027ea0a23a1d18f51ac56e99127409d36fb2b /actionpack/lib/action_dispatch/middleware/cookies.rb
parent5609149d844ece5020dd53565d35cf69f563a8da (diff)
downloadrails-f99132663b2ceee56f6e02ada396a911e4e20da2.tar.gz
rails-f99132663b2ceee56f6e02ada396a911e4e20da2.tar.bz2
rails-f99132663b2ceee56f6e02ada396a911e4e20da2.zip
Took out the domain option logic to cookies.rb.
Diffstat (limited to 'actionpack/lib/action_dispatch/middleware/cookies.rb')
-rw-r--r--actionpack/lib/action_dispatch/middleware/cookies.rb34
1 files changed, 32 insertions, 2 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
index 87e8dd5010..0ba4bc7782 100644
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -45,7 +45,15 @@ module ActionDispatch
# * <tt>:value</tt> - The cookie's value or list of values (as an array).
# * <tt>:path</tt> - The path for which this cookie applies. Defaults to the root
# of the application.
- # * <tt>:domain</tt> - The domain for which this cookie applies.
+ # * <tt>:domain</tt> - The domain for which this cookie applies so you can
+ # restrict to the domain level. If you use a schema like www.example.com
+ # and want to share session with user.example.com set <tt>:domain</tt>
+ # to <tt>:all</tt>
+ #
+ # :domain => nil # Does not sets cookie domain. (default)
+ # :domain => :all # Allow the cookie for the top most level
+ # domain and subdomains.
+ #
# * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
# * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers.
# Default is +false+.
@@ -54,13 +62,22 @@ module ActionDispatch
class Cookies
HTTP_HEADER = "Set-Cookie".freeze
TOKEN_KEY = "action_dispatch.secret_token".freeze
-
+
# Raised when storing more than 4K of session data.
class CookieOverflow < StandardError; end
class CookieJar < Hash #:nodoc:
+
+ # This regular expression is used to split the levels of a domain
+ # So www.example.co.uk gives:
+ # $1 => www.
+ # $2 => example
+ # $3 => co.uk
+ DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/
+
def self.build(request)
secret = request.env[TOKEN_KEY]
+ @@host = request.env["HTTP_HOST"]
new(secret).tap do |hash|
hash.update(request.cookies)
end
@@ -70,6 +87,7 @@ module ActionDispatch
@secret = secret
@set_cookies = {}
@delete_cookies = {}
+
super()
end
@@ -92,6 +110,12 @@ module ActionDispatch
value = super(key.to_s, value)
options[:path] ||= "/"
+
+ if options[:domain] == :all
+ @@host =~ DOMAIN_REGEXP
+ options[:domain] = ".#{$2}.#{$3}"
+ end
+
@set_cookies[key] = options
@delete_cookies.delete(key)
value
@@ -103,6 +127,12 @@ module ActionDispatch
def delete(key, options = {})
options.symbolize_keys!
options[:path] ||= "/"
+
+ if options[:domain] == :all
+ @@host =~ DOMAIN_REGEXP
+ options[:domain] = ".#{$2}.#{$3}"
+ end
+
value = super(key.to_s)
@delete_cookies[key] = options
value