Sha256: c1f9fc9668450bc5fb10c6ef1e77c149d3452a51134303fcfb26a11932245af2
Contents?: true
Size: 1.17 KB
Versions: 2
Compression:
Stored size: 1.17 KB
Contents
module Lotus
module Config
# Cookies configuration
#
# @since 0.3.0
# @api private
class Cookies
# Return the routes for this application
#
# @return [Hash] options for cookies
#
# @since 0.3.0
# @api private
attr_reader :default_options
# Cookies configuration
#
# httponly option enabled by default.
# Prevent attackers to steal cookies via JavaScript,
# Eg. alert(document.cookie) will fail
#
# @param enabled [TrueClass, FalseClass] enable cookies
# @param options [Hash] optional cookies options
#
# @since 0.3.0
# @api private
#
# @see https://github.com/rack/rack/blob/master/lib/rack/utils.rb #set_cookie_header!
# @see https://www.owasp.org/index.php/HttpOnly
def initialize(enabled = false, options = {})
@enabled = enabled
@default_options = { httponly: true }.merge(options)
end
# Return if cookies are enabled
#
# @return [TrueClass, FalseClass] enabled cookies
#
# @since 0.3.0
# @api private
def enabled?
!!@enabled
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| lotusrb-0.3.1 | lib/lotus/config/cookies.rb |
| lotusrb-0.3.0 | lib/lotus/config/cookies.rb |