diff options
| author | Rizwan Reza <rizwanreza@gmail.com> | 2010-06-11 13:30:35 +0430 |
|---|---|---|
| committer | José Valim <jose.valim@gmail.com> | 2010-06-11 16:34:52 +0200 |
| commit | f99132663b2ceee56f6e02ada396a911e4e20da2 (patch) | |
| tree | a6e027ea0a23a1d18f51ac56e99127409d36fb2b /actionpack/lib/action_dispatch/middleware | |
| parent | 5609149d844ece5020dd53565d35cf69f563a8da (diff) | |
| download | rails-f99132663b2ceee56f6e02ada396a911e4e20da2.tar.gz rails-f99132663b2ceee56f6e02ada396a911e4e20da2.tar.bz2 rails-f99132663b2ceee56f6e02ada396a911e4e20da2.zip | |
Took out the domain option logic to cookies.rb.
Diffstat (limited to 'actionpack/lib/action_dispatch/middleware')
3 files changed, 32 insertions, 22 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 87e8dd5010..0ba4bc7782 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -45,7 +45,15 @@ module ActionDispatch # * <tt>:value</tt> - The cookie's value or list of values (as an array). # * <tt>:path</tt> - The path for which this cookie applies. Defaults to the root # of the application. - # * <tt>:domain</tt> - The domain for which this cookie applies. + # * <tt>:domain</tt> - The domain for which this cookie applies so you can + # restrict to the domain level. If you use a schema like www.example.com + # and want to share session with user.example.com set <tt>:domain</tt> + # to <tt>:all</tt> + # + # :domain => nil # Does not sets cookie domain. (default) + # :domain => :all # Allow the cookie for the top most level + # domain and subdomains. + # # * <tt>:expires</tt> - The time at which this cookie expires, as a Time object. # * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers. # Default is +false+. @@ -54,13 +62,22 @@ module ActionDispatch class Cookies HTTP_HEADER = "Set-Cookie".freeze TOKEN_KEY = "action_dispatch.secret_token".freeze - + # Raised when storing more than 4K of session data. class CookieOverflow < StandardError; end class CookieJar < Hash #:nodoc: + + # This regular expression is used to split the levels of a domain + # So www.example.co.uk gives: + # $1 => www. + # $2 => example + # $3 => co.uk + DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/ + def self.build(request) secret = request.env[TOKEN_KEY] + @@host = request.env["HTTP_HOST"] new(secret).tap do |hash| hash.update(request.cookies) end @@ -70,6 +87,7 @@ module ActionDispatch @secret = secret @set_cookies = {} @delete_cookies = {} + super() end @@ -92,6 +110,12 @@ module ActionDispatch value = super(key.to_s, value) options[:path] ||= "/" + + if options[:domain] == :all + @@host =~ DOMAIN_REGEXP + options[:domain] = ".#{$2}.#{$3}" + end + @set_cookies[key] = options @delete_cookies.delete(key) value @@ -103,6 +127,12 @@ module ActionDispatch def delete(key, options = {}) options.symbolize_keys! options[:path] ||= "/" + + if options[:domain] == :all + @@host =~ DOMAIN_REGEXP + options[:domain] = ".#{$2}.#{$3}" + end + value = super(key.to_s) @delete_cookies[key] = options value diff --git a/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb index b03244d025..3e8d64b0c6 100644 --- a/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb +++ b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb @@ -93,13 +93,6 @@ module ActionDispatch :cookie_only => true } - # This regular expression is used to split the levels of a domain: - # So www.example.co.uk gives: - # $1 => www. - # $2 => example - # $3 => co.uk - DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/ - def initialize(app, options = {}) @app = app @default_options = DEFAULT_OPTIONS.merge(options) @@ -129,11 +122,6 @@ module ActionDispatch cookie[:expires] = Time.now + options.delete(:expire_after) end - if options[:domain] == :all - env["HTTP_HOST"] =~ DOMAIN_REGEXP - options[:domain] = ".#{$2}.#{$3}" - end - request = ActionDispatch::Request.new(env) set_cookie(request, cookie.merge!(options)) end diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb index 0fc63d026f..92a86ee229 100644 --- a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb +++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb @@ -34,14 +34,6 @@ module ActionDispatch # integrity defaults to 'SHA1' but may be any digest provided by OpenSSL, # such as 'MD5', 'RIPEMD160', 'SHA256', etc. # - # * <tt>:domain</tt>: Restrict the session cookie to certain domain level. - # If you use a schema like www.example.com and wants to share session - # with user.example.com set <tt>:domain</tt> to <tt>:all</tt> - # - # :domain => nil # Does not sets cookie domain. (default) - # :domain => :all # Allow the cookie for the top most level - # domain and subdomains. - # # To generate a secret key for an existing application, run # "rake secret" and set the key in config/environment.rb. # |