Contents

module Alchemy
  # Provides methods to secure your picture attributes against DOS attacks.
  #
  class PictureAttributes

    SECURE_ATTRIBUTES = %w(id size crop crop_from crop_size quality upsample).freeze

    class << self

      # Secures given attributes
      #
      # @param attributes [Hash]
      # @return [String]
      #
      def secure(attributes)
        Digest::SHA1.hexdigest(joined_attributes(attributes))[0..15]
      end

      private

      # Takes attributes and joins them with the +security_token+ of your rails app.
      #
      def joined_attributes(attributes)
        attributes.stringify_keys.values_at(*SECURE_ATTRIBUTES, Rails.configuration.secret_token).join('-')
      end

    end
  end
end

Version data entries

18 entries across 18 versions & 2 rubygems

Version	Path
alchemy_cms-3.2.1	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.3	lib/alchemy/picture_attributes.rb
lc_alchemy_cms-3.2.1	lib/alchemy/picture_attributes.rb
lc_alchemy_cms-3.2.0	lib/alchemy/picture_attributes.rb
alchemy_cms-3.2.0	lib/alchemy/picture_attributes.rb
alchemy_cms-3.2.0.rc1	lib/alchemy/picture_attributes.rb
alchemy_cms-3.2.0.beta	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.1	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0.rc3	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0.rc2	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0.rc1	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0.beta6	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0.beta5	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0.beta4	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0.beta3	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0.beta2	lib/alchemy/picture_attributes.rb
alchemy_cms-3.1.0.beta1	lib/alchemy/picture_attributes.rb