From 29592a7f09dda2e7e1e0a915d9230fe6a9b5c0af Mon Sep 17 00:00:00 2001 From: Santiago Pastorino Date: Wed, 6 Apr 2011 20:53:48 -0300 Subject: Use freeze instead of close! --- actionpack/lib/action_dispatch/middleware/cookies.rb | 7 ++----- actionpack/lib/action_dispatch/middleware/flash.rb | 12 +++--------- 2 files changed, 5 insertions(+), 14 deletions(-) (limited to 'actionpack/lib/action_dispatch') diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 24ebb8fed7..3ed5f1055f 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -115,13 +115,10 @@ module ActionDispatch @delete_cookies = {} @host = host @secure = secure - @closed = false @cookies = {} end - attr_reader :closed - alias :closed? :closed - def close!; @closed = true end + alias :closed? :frozen? # Returns the value of the cookie by +name+, or +nil+ if no such cookie exists. def [](name) @@ -330,7 +327,7 @@ module ActionDispatch [status, headers, body] ensure cookie_jar = ActionDispatch::Request.new(env).cookie_jar unless cookie_jar - cookie_jar.close! + cookie_jar.freeze end end end diff --git a/actionpack/lib/action_dispatch/middleware/flash.rb b/actionpack/lib/action_dispatch/middleware/flash.rb index 6eda1f31a7..e7090ecf1b 100644 --- a/actionpack/lib/action_dispatch/middleware/flash.rb +++ b/actionpack/lib/action_dispatch/middleware/flash.rb @@ -43,12 +43,9 @@ module ActionDispatch class FlashNow #:nodoc: def initialize(flash) @flash = flash - @closed = false end - attr_reader :closed - alias :closed? :closed - def close!; @closed = true end + alias :closed? :frozen? def []=(k, v) raise ClosedError, :flash if closed? @@ -76,12 +73,9 @@ module ActionDispatch def initialize #:nodoc: super @used = Set.new - @closed = false end - attr_reader :closed - alias :closed? :closed - def close!; @closed = true end + alias :closed? :frozen? def []=(k, v) #:nodoc: raise ClosedError, :flash if closed? @@ -200,7 +194,7 @@ module ActionDispatch if !flash_hash.empty? || session.key?('flash') session["flash"] = flash_hash end - flash_hash.close! + flash_hash.freeze end if session.key?('flash') && session['flash'].empty? -- cgit v1.2.3 From dffeda377021ba8691381195f5a2889f8e040b93 Mon Sep 17 00:00:00 2001 From: Santiago Pastorino Date: Wed, 6 Apr 2011 22:25:07 -0300 Subject: Eagerly load Signed and Permanent cookies --- .../lib/action_dispatch/middleware/cookies.rb | 27 ++++++++++++++-------- 1 file changed, 17 insertions(+), 10 deletions(-) (limited to 'actionpack/lib/action_dispatch') diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 3ed5f1055f..820df8f499 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -116,6 +116,8 @@ module ActionDispatch @host = host @secure = secure @cookies = {} + @permanent = PermanentCookieJar.new(self, @secret) + @signed = @secret && SignedCookieJar.new(self, @secret) end alias :closed? :frozen? @@ -193,9 +195,7 @@ module ActionDispatch # # cookies.permanent.signed[:remember_me] = current_user.id # # => Set-Cookie: remember_me=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT - def permanent - @permanent ||= PermanentCookieJar.new(self, @secret) - end + attr_reader :permanent # Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from # the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed @@ -211,7 +211,8 @@ module ActionDispatch # # cookies.signed[:discount] # => 45 def signed - @signed ||= SignedCookieJar.new(self, @secret) + SignedCookieJar.ensure_secret_provided(@secret) + @signed end def write(headers) @@ -228,7 +229,9 @@ module ActionDispatch class PermanentCookieJar < CookieJar #:nodoc: def initialize(parent_jar, secret) - @parent_jar, @secret = parent_jar, secret + @parent_jar = parent_jar + @secret = secret + @signed = @secret && SignedCookieJar.new(self, @secret) end def []=(key, options) @@ -244,7 +247,8 @@ module ActionDispatch end def signed - @signed ||= SignedCookieJar.new(self, @secret) + SignedCookieJar.ensure_secret_provided(@secret) + @signed end def method_missing(method, *arguments, &block) @@ -257,7 +261,8 @@ module ActionDispatch SECRET_MIN_LENGTH = 30 # Characters def initialize(parent_jar, secret) - ensure_secret_secure(secret) + self.class.ensure_secret_provided(secret) + self.class.ensure_secret_length(secret) @parent_jar = parent_jar @verifier = ActiveSupport::MessageVerifier.new(secret) end @@ -289,9 +294,7 @@ module ActionDispatch protected - # To prevent users from using something insecure like "Password" we make sure that the - # secret they've provided is at least 30 characters in length. - def ensure_secret_secure(secret) + def self.ensure_secret_provided(secret) if secret.blank? raise ArgumentError, "A secret is required to generate an " + "integrity hash for cookie session data. Use " + @@ -299,7 +302,11 @@ module ActionDispatch "least #{SECRET_MIN_LENGTH} characters\"" + "in config/initializers/secret_token.rb" end + end + # To prevent users from using something insecure like "Password" we make sure that the + # secret they've provided is at least 30 characters in length. + def self.ensure_secret_length(secret) if secret.length < SECRET_MIN_LENGTH raise ArgumentError, "Secret should be something secure, " + "like \"#{ActiveSupport::SecureRandom.hex(16)}\". The value you " + -- cgit v1.2.3 From 5b0149a17aa423d0adbec10c8fb8449f15d16673 Mon Sep 17 00:00:00 2001 From: Santiago Pastorino Date: Thu, 7 Apr 2011 09:20:56 -0300 Subject: Revert "Eagerly load Signed and Permanent cookies" This reverts commit dffeda377021ba8691381195f5a2889f8e040b93. --- .../lib/action_dispatch/middleware/cookies.rb | 27 ++++++++-------------- 1 file changed, 10 insertions(+), 17 deletions(-) (limited to 'actionpack/lib/action_dispatch') diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 820df8f499..3ed5f1055f 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -116,8 +116,6 @@ module ActionDispatch @host = host @secure = secure @cookies = {} - @permanent = PermanentCookieJar.new(self, @secret) - @signed = @secret && SignedCookieJar.new(self, @secret) end alias :closed? :frozen? @@ -195,7 +193,9 @@ module ActionDispatch # # cookies.permanent.signed[:remember_me] = current_user.id # # => Set-Cookie: remember_me=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT - attr_reader :permanent + def permanent + @permanent ||= PermanentCookieJar.new(self, @secret) + end # Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from # the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed @@ -211,8 +211,7 @@ module ActionDispatch # # cookies.signed[:discount] # => 45 def signed - SignedCookieJar.ensure_secret_provided(@secret) - @signed + @signed ||= SignedCookieJar.new(self, @secret) end def write(headers) @@ -229,9 +228,7 @@ module ActionDispatch class PermanentCookieJar < CookieJar #:nodoc: def initialize(parent_jar, secret) - @parent_jar = parent_jar - @secret = secret - @signed = @secret && SignedCookieJar.new(self, @secret) + @parent_jar, @secret = parent_jar, secret end def []=(key, options) @@ -247,8 +244,7 @@ module ActionDispatch end def signed - SignedCookieJar.ensure_secret_provided(@secret) - @signed + @signed ||= SignedCookieJar.new(self, @secret) end def method_missing(method, *arguments, &block) @@ -261,8 +257,7 @@ module ActionDispatch SECRET_MIN_LENGTH = 30 # Characters def initialize(parent_jar, secret) - self.class.ensure_secret_provided(secret) - self.class.ensure_secret_length(secret) + ensure_secret_secure(secret) @parent_jar = parent_jar @verifier = ActiveSupport::MessageVerifier.new(secret) end @@ -294,7 +289,9 @@ module ActionDispatch protected - def self.ensure_secret_provided(secret) + # To prevent users from using something insecure like "Password" we make sure that the + # secret they've provided is at least 30 characters in length. + def ensure_secret_secure(secret) if secret.blank? raise ArgumentError, "A secret is required to generate an " + "integrity hash for cookie session data. Use " + @@ -302,11 +299,7 @@ module ActionDispatch "least #{SECRET_MIN_LENGTH} characters\"" + "in config/initializers/secret_token.rb" end - end - # To prevent users from using something insecure like "Password" we make sure that the - # secret they've provided is at least 30 characters in length. - def self.ensure_secret_length(secret) if secret.length < SECRET_MIN_LENGTH raise ArgumentError, "Secret should be something secure, " + "like \"#{ActiveSupport::SecureRandom.hex(16)}\". The value you " + -- cgit v1.2.3 From 03d561ad77085f17ba816ebec619a3d359b2164e Mon Sep 17 00:00:00 2001 From: Santiago Pastorino Date: Thu, 7 Apr 2011 09:26:04 -0300 Subject: Revert "Use freeze instead of close!" This reverts commit 29592a7f09dda2e7e1e0a915d9230fe6a9b5c0af. --- actionpack/lib/action_dispatch/middleware/cookies.rb | 7 +++++-- actionpack/lib/action_dispatch/middleware/flash.rb | 12 +++++++++--- 2 files changed, 14 insertions(+), 5 deletions(-) (limited to 'actionpack/lib/action_dispatch') diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 3ed5f1055f..24ebb8fed7 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -115,10 +115,13 @@ module ActionDispatch @delete_cookies = {} @host = host @secure = secure + @closed = false @cookies = {} end - alias :closed? :frozen? + attr_reader :closed + alias :closed? :closed + def close!; @closed = true end # Returns the value of the cookie by +name+, or +nil+ if no such cookie exists. def [](name) @@ -327,7 +330,7 @@ module ActionDispatch [status, headers, body] ensure cookie_jar = ActionDispatch::Request.new(env).cookie_jar unless cookie_jar - cookie_jar.freeze + cookie_jar.close! end end end diff --git a/actionpack/lib/action_dispatch/middleware/flash.rb b/actionpack/lib/action_dispatch/middleware/flash.rb index e7090ecf1b..6eda1f31a7 100644 --- a/actionpack/lib/action_dispatch/middleware/flash.rb +++ b/actionpack/lib/action_dispatch/middleware/flash.rb @@ -43,9 +43,12 @@ module ActionDispatch class FlashNow #:nodoc: def initialize(flash) @flash = flash + @closed = false end - alias :closed? :frozen? + attr_reader :closed + alias :closed? :closed + def close!; @closed = true end def []=(k, v) raise ClosedError, :flash if closed? @@ -73,9 +76,12 @@ module ActionDispatch def initialize #:nodoc: super @used = Set.new + @closed = false end - alias :closed? :frozen? + attr_reader :closed + alias :closed? :closed + def close!; @closed = true end def []=(k, v) #:nodoc: raise ClosedError, :flash if closed? @@ -194,7 +200,7 @@ module ActionDispatch if !flash_hash.empty? || session.key?('flash') session["flash"] = flash_hash end - flash_hash.freeze + flash_hash.close! end if session.key?('flash') && session['flash'].empty? -- cgit v1.2.3 From 0e624ce9eb9056c8986621f3e6b7f5ca67b4cb12 Mon Sep 17 00:00:00 2001 From: Santiago Pastorino Date: Thu, 7 Apr 2011 09:27:00 -0300 Subject: Cache flash now --- actionpack/lib/action_dispatch/middleware/flash.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actionpack/lib/action_dispatch') diff --git a/actionpack/lib/action_dispatch/middleware/flash.rb b/actionpack/lib/action_dispatch/middleware/flash.rb index 6eda1f31a7..0af86e4df9 100644 --- a/actionpack/lib/action_dispatch/middleware/flash.rb +++ b/actionpack/lib/action_dispatch/middleware/flash.rb @@ -112,7 +112,7 @@ module ActionDispatch # # Entries set via now are accessed the same way as standard entries: flash['my-key']. def now - FlashNow.new(self) + @now ||= FlashNow.new(self) end # Keeps either the entire current flash or a specific flash entry available for the next action: -- cgit v1.2.3