Contents

module Alchemy
  # Provides methods to secure your picture attributes against DOS attacks.
  #
  class PictureAttributes

    SECURE_ATTRIBUTES = %w(id size crop crop_from crop_size quality).freeze

    class << self

      # Secures given attributes
      #
      # @param attributes [Hash]
      # @return [String]
      #
      def secure(attributes)
        Digest::SHA1.hexdigest(joined_attributes(attributes))[0..15]
      end

    private

      # Takes attributes and joins them with the +security_token+ of your rails app.
      #
      def joined_attributes(attributes)
        attributes.stringify_keys.values_at(*SECURE_ATTRIBUTES, Rails.configuration.secret_token).join('-')
      end

    end
  end
end

Version data entries

28 entries across 28 versions & 1 rubygems

Version	Path
alchemy_cms-2.9.1	lib/alchemy/picture_attributes.rb
alchemy_cms-2.9.0	lib/alchemy/picture_attributes.rb
alchemy_cms-2.8.3	lib/alchemy/picture_attributes.rb
alchemy_cms-2.7.5	lib/alchemy/picture_attributes.rb
alchemy_cms-2.6.3	lib/alchemy/picture_attributes.rb
alchemy_cms-2.7.4	lib/alchemy/picture_attributes.rb
alchemy_cms-2.8.2	lib/alchemy/picture_attributes.rb
alchemy_cms-2.8.1	lib/alchemy/picture_attributes.rb
alchemy_cms-2.7.3	lib/alchemy/picture_attributes.rb
alchemy_cms-2.7.2	lib/alchemy/picture_attributes.rb
alchemy_cms-2.7.1	lib/alchemy/picture_attributes.rb
alchemy_cms-2.7.0	lib/alchemy/picture_attributes.rb
alchemy_cms-2.6.2.1	lib/alchemy/picture_attributes.rb
alchemy_cms-2.6.2	lib/alchemy/picture_attributes.rb
alchemy_cms-2.6.1	lib/alchemy/picture_attributes.rb
alchemy_cms-2.6.0	lib/alchemy/picture_attributes.rb
alchemy_cms-2.6.0.rc5	lib/alchemy/picture_attributes.rb
alchemy_cms-2.5.3.1	lib/alchemy/picture_attributes.rb
alchemy_cms-2.5.3	lib/alchemy/picture_attributes.rb
alchemy_cms-2.5.2.2	lib/alchemy/picture_attributes.rb