lib/safe_cookies/helpers.rb in safe_cookies-0.1.5 vs lib/safe_cookies/helpers.rb in safe_cookies-0.1.6
- old
+ new
@@ -7,12 +7,13 @@
cookies = @headers['Set-Cookie']
# Rack 1.1 returns an Array
cookies = cookies.join("\n") if cookies.is_a?(Array)
if cookies and cookies.length > 0
- @application_cookies = cookies
+ @application_cookies_string = cookies
end
+ # else, @application_cookies_string will be `nil`
end
def secure(cookie)
# Regexp from https://github.com/tobmatth/rack-ssl-enforcer/
if should_be_secure?(cookie) and cookie !~ /(^|;\s)secure($|;)/
@@ -45,11 +46,11 @@
# getters
def stored_application_cookie_names
- store_cookie = request_cookies[STORE_COOKIE_NAME] || ""
+ store_cookie = @request.cookies[STORE_COOKIE_NAME] || ""
store_cookie.split(KNOWN_COOKIES_DIVIDER)
end
# returns those of the registered cookies that appear in the request
def registered_cookies_in_request
@@ -59,19 +60,20 @@
def known_cookie_names
known = [STORE_COOKIE_NAME, SECURED_COOKIE_NAME]
known += stored_application_cookie_names
known += @configuration.registered_cookies.keys
end
-
+
+ # returns the request cookies minus ignored cookies
def request_cookies
- @request.cookies
+ Util.except!(@request.cookies.dup, *@configuration.ignored_cookies)
end
# boolean
def cookies_have_been_rewritten_before?
- request_cookies.has_key? SECURED_COOKIE_NAME
+ @request.cookies.has_key? SECURED_COOKIE_NAME
end
def should_be_secure?(cookie)
cookie_name = cookie.split('=').first.strip
ssl? and not @configuration.insecure_cookie?(cookie_name)