123456789_123456789_123456789_123456789_123456789_

Class: ActionDispatch::Cookies::CookieJar

Do not use. This class is for internal use only.
Relationships & Source Files
Extension / Inclusion / Inheritance Descendants
Subclasses:
ActionController::RequestForgeryProtection::ProtectionMethods::NullSession::NullCookieJar
Super Chains via Extension / Inclusion / Inheritance
Instance Chain:
self, ::Enumerable, ::ActiveSupport::EnumerableCoreExt::Constants, ChainedCookieJars
Inherits: Object
Defined in: actionpack/lib/action_dispatch/middleware/cookies.rb

Class Attribute Summary

Class Method Summary

Instance Attribute Summary

::Enumerable - Included

#many?

Returns true if the enumerable has more than 1 element.

ChainedCookieJars - Included

#prepare_upgrade_legacy_hmac_aes_cbc_cookies?, #upgrade_legacy_hmac_aes_cbc_cookies?

Instance Method Summary

::Enumerable - Included

#compact_blank

Returns a new ::Array without the blank items.
#exclude?

The negative of the Enumerable#include?.
#excluding

Returns a copy of the enumerable excluding the specified elements.
#in_order_of

Returns a new ::Array where the order has been set to that provided in the series, based on the key of the objects in the original enumerable.
#including

Returns a new array that includes the passed elements.
#index_by

Convert an enumerable to a hash, using the block result as the key and the element as the value.
#index_with

Convert an enumerable to a hash, using the element as the key and the block result as the value.
#maximum

Calculates the maximum from the extracted elements.
#minimum

Calculates the minimum from the extracted elements.
#pick

Extract the given key from the first element in the enumerable.
#pluck

Extract the given key from each element in the enumerable.
#sole

Returns the sole item in the enumerable.
#without

Alias for Enumerable#excluding.
#as_json

::ActiveSupport::EnumerableCoreExt::Constants - Included

#const_missing

ChainedCookieJars - Included

#encrypted

Returns a jar that’ll automatically encrypt cookie values before sending them to the client and will decrypt them for read.
#permanent

Returns a jar that’ll automatically set the assigned cookies to have an expiration date 20 years from now.
#signed

Returns a jar that’ll automatically generate a signed representation of cookie value and verify it when reading from the cookie again.
#signed_or_encrypted

Returns the signed or encrypted jar, preferring encrypted if secret_key_base is set.
#encrypted_cookie_cipher, #signed_cookie_digest

Constructor Details

.new(request) ⇒ CookieJar

[ GitHub ] 

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 324



def initialize(request)
  @set_cookies = {}
  @delete_cookies = {}
  @request = request
  @cookies = {}
  @committed = false
end


  







Class Attribute Details




Class Method Details



  

    .build(req, cookies)  
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 316



def self.build(req, cookies)
  jar = new(req)
  jar.update(cookies)
  jar
end


  







Instance Attribute Details





  

    #committed?Boolean  (readonly)
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 332



def committed?; @committed; end


  








  

    #request   (readonly)
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 322



attr_reader :request


  







Instance Method Details



  

    #[](name)  
  



  

    

Returns the value of the cookie by name, or nil if no such cookie exists.


  



  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 345



def [](name)
  @cookies[name.to_s]
end


  








  

    #[]=(name, options)  
  



  

    

Sets the cookie named name. The second argument may be the cookie’s value or a hash of options as documented above.


  



  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 379



def []=(name, options)
  if options.is_a?(Hash)
    options.symbolize_keys!
    value = options[:value]
  else
    value = options
    options = { value: value }
  end

  handle_options(options)

  if @cookies[name.to_s] != value || options[:expires]
    @cookies[name.to_s] = value
    @set_cookies[name.to_s] = options
    @delete_cookies.delete(name.to_s)
  end

  value
end


  








  

    #clear(options = {})  
  



  

    

Removes all cookies on the client machine by calling #delete for each cookie.


  



  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 425



def clear(options = {})
  @cookies.each_key { |k| delete(k, options) }
end


  








  

    #commit!  
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 334



def commit!
  @committed = true
  @set_cookies.freeze
  @delete_cookies.freeze
end


  








  

    #delete(name, options = {})  
  



  

    

Removes the cookie on the client machine by setting the value to an empty string and the expiration date in the past. Like #[]=, you can pass in an options hash to delete cookies with extra data such as a :path.



Returns the value of the cookie, or nil if the cookie does not exist.


  



  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 404



def delete(name, options = {})
  return unless @cookies.has_key? name.to_s

  options.symbolize_keys!
  handle_options(options)

  value = @cookies.delete(name.to_s)
  @delete_cookies[name.to_s] = options
  value
end


  








  

    #deleted?(name, options = {})  ⇒ Boolean 
  



  

    

Whether the given cookie is to be deleted by this CookieJar. Like #[]=, you can pass in an options hash to test if a deletion applies to a specific :path, :domain etc.


  





  


  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 418



def deleted?(name, options = {})
  options.symbolize_keys!
  handle_options(options)
  @delete_cookies[name.to_s] == options
end


  








  

    #each(&block)  
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 340



def each(&block)
  @cookies.each(&block)
end


  








  

    #escape(string)   (private)
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 444



def escape(string)
  ::Rack::Utils.escape(string)
end


  








  

    #fetch(name, *args, &block)  
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 349



def fetch(name, *args, &block)
  @cookies.fetch(name.to_s, *args, &block)
end


  








  

    #handle_options(options)   (private)
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 452



def handle_options(options)
  if options[:expires].respond_to?(:from_now)
    options[:expires] = options[:expires].from_now
  end

  options[:path]      ||= "/"

  unless options.key?(:same_site)
    options[:same_site] = request.cookies_same_site_protection
  end

  if options[:domain] == :all || options[:domain] == "all"
    cookie_domain = ""
    dot_splitted_host = request.host.split(".", -1)

    # Case where request.host is not an IP address or it's an invalid domain (ip
    # confirms to the domain structure we expect so we explicitly check for ip)
    if request.host.match?(/^[\d.]+$/) || dot_splitted_host.include?("") || dot_splitted_host.length == 1
      options[:domain] = nil
      return
    end

    # If there is a provided tld length then we use it otherwise default domain.
    if options[:tld_length].present?
      # Case where the tld_length provided is valid
      if dot_splitted_host.length >= options[:tld_length]
        cookie_domain = dot_splitted_host.last(options[:tld_length]).join(".")
      end
    # Case where tld_length is not provided
    else
      # Regular TLDs
      if !(/\.[^.]{2,3}\.[^.]{2}\z/.match?(request.host))
        cookie_domain = dot_splitted_host.last(2).join(".")
      # **.**, ***.** style TLDs like co.uk and com.au
      else
        cookie_domain = dot_splitted_host.last(3).join(".")
      end
    end

    options[:domain] = if cookie_domain.present?
      cookie_domain
    end
  elsif options[:domain].is_a? Array
    # If host matches one of the supplied domains.
    options[:domain] = options[:domain].find do |domain|
      domain = domain.delete_prefix(".")
      request.host == domain || request.host.end_with?(".#{domain}")
    end
  elsif options[:domain].respond_to?(:call)
    options[:domain] = options[:domain].call(request)
  end
end


  








  

    #has_key?(name)  
  



  

    

Alias for #key?.


  



  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 356



alias :has_key? :key?


  








  

    #key?(name)  ⇒ Boolean 
    Also known as: #has_key?
  



  

    
  





  


  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 353



def key?(name)
  @cookies.key?(name.to_s)
end


  








  

    #to_hash  
  



  

    

Returns the cookies as ::Hash.


  



  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 359



alias :to_hash :to_h


  








  

    #to_header  
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 373



def to_header
  @cookies.map { |k, v| "#{escape(k)}=#{escape(v)}" }.join "; "
end


  








  

    #update(other_hash)  
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 361



def update(other_hash)
  @cookies.update other_hash.stringify_keys
  self
end


  








  

    #update_cookies_from_jar  
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 366



def update_cookies_from_jar
  request_jar = @request.cookie_jar.instance_variable_get(:@cookies)
  set_cookies = request_jar.reject { |k, _| @delete_cookies.key?(k) || @set_cookies.key?(k) }

  @cookies.update set_cookies if set_cookies
end


  








  

    #write(response)  
  

  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 429



def write(response)
  @set_cookies.each do |name, value|
    if write_cookie?(value)
      response.set_cookie(name, value)
    end
  end

  @delete_cookies.each do |name, value|
    response.delete_cookie(name, value)
  end
end


  








  

    #write_cookie?(cookie)  ⇒ Boolean  (private)
  



  

    
  





  


  [ GitHub ]


  

  


# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 448



def write_cookie?(cookie)
  request.ssl? || !cookie[:secure] || always_write_cookie || request.host.end_with?(".onion")
end