Sha256: 5855798652208775cae99368452f93a534cb2f423aeae4a4484e19aad480d03c

Contents?: true

Size: 1.48 KB

Versions: 18

Compression:

Stored size: 1.48 KB

Contents

# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

require 'contrast/components/logger'
require 'contrast/components/scope'
require 'contrast/framework/rack/patch/session_cookie'

module Contrast
  module Framework
    module Sinatra
      module Patch
        # Our patch into the Rack::Protection::EncryptedCookie Class, that replaces Rack::Session::Cookie
        # in Sinatra 3.0, allowing for the runtime detection of insecure configurations on individual cookies
        # within the application
        class EncryptedSessionCookie < Contrast::Framework::Rack::Patch::SessionCookie
          extend Contrast::Components::Logger::InstanceMethods
          extend Contrast::Components::Scope::InstanceMethods

          class << self
            include Contrast::Utils::InvalidConfigurationUtil

            def instrument
              @_instrument ||= begin
                ::Rack::Protection::EncryptedCookie.class_eval do
                  alias_method(:cs__patched_initialize, :initialize)
                  def initialize app, options = {} # rubocop:disable Style/OptionHash, Lint/MissingSuper
                    Contrast::Framework::Sinatra::Patch::EncryptedSessionCookie.analyze(options)
                    cs__patched_initialize(app, options)
                  end
                end
                true
              end
            end
          end
        end
      end
    end
  end
end

Version data entries

18 entries across 18 versions & 1 rubygems

Version Path
contrast-agent-7.6.1 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.6.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.5.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.4.1 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.4.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.3.2 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.3.1 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.3.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.2.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.1.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-7.0.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-6.15.3 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-6.15.2 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-6.15.1 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-6.15.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-6.14.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-6.13.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb
contrast-agent-6.12.0 lib/contrast/framework/sinatra/patch/encrypted_session_cookie.rb