Contents

# frozen_string_literal: true

# :markup: markdown

module ActionDispatch
  module Http
    module FilterRedirect
      FILTERED = "[FILTERED]" # :nodoc:

      def filtered_location # :nodoc:
        if location_filter_match?
          FILTERED
        else
          parameter_filtered_location
        end
      end

    private
      def location_filters
        if request
          request.get_header("action_dispatch.redirect_filter") || []
        else
          []
        end
      end

      def location_filter_match?
        location_filters.any? do |filter|
          if String === filter
            location.include?(filter)
          elsif Regexp === filter
            location.match?(filter)
          end
        end
      end

      def parameter_filtered_location
        uri = URI.parse(location)
        unless uri.query.nil? || uri.query.empty?
          parts = uri.query.split(/([&;])/)
          filtered_parts = parts.map do |part|
            if part.include?("=")
              key, value = part.split("=", 2)
              request.parameter_filter.filter(key => value).first.join("=")
            else
              part
            end
          end
          uri.query = filtered_parts.join("")
        end
        uri.to_s
      rescue URI::Error
        FILTERED
      end
    end
  end
end

Version data entries

9 entries across 9 versions & 1 rubygems

Version	Path
actionpack-8.0.2	lib/action_dispatch/http/filter_redirect.rb
actionpack-8.0.1	lib/action_dispatch/http/filter_redirect.rb
actionpack-8.0.0.1	lib/action_dispatch/http/filter_redirect.rb
actionpack-7.2.2.1	lib/action_dispatch/http/filter_redirect.rb
actionpack-8.0.0	lib/action_dispatch/http/filter_redirect.rb
actionpack-7.2.2	lib/action_dispatch/http/filter_redirect.rb
actionpack-8.0.0.rc2	lib/action_dispatch/http/filter_redirect.rb
actionpack-7.2.1.2	lib/action_dispatch/http/filter_redirect.rb
actionpack-7.2.1.1	lib/action_dispatch/http/filter_redirect.rb