class SecureHeaders::Cookie
Attributes
config[R]
Public Class Methods
new(cookie, config)
# File lib/secure_headers/headers/cookie.rb, line 16
# Wraps one raw cookie string together with the cookie configuration.
#
# The three tracked attributes start out as nil ("not seen yet") and are
# filled in by #parse from whatever the raw cookie already carries.
#
# @param cookie [String, nil] raw cookie text; #parse returns early on nil
# @param config [Object] cookie settings, stored as-is and exposed through
#   #config (indexed with symbols such as :samesite elsewhere in this class)
def initialize(cookie, config)
  @config = config
  @raw_cookie = cookie
  @attributes = { httponly: nil, samesite: nil, secure: nil }
  parse(cookie)
end
validate_config!(config)
# File lib/secure_headers/headers/cookie.rb, line 9
# Checks a cookie configuration by handing it to CookiesConfig#validate!.
# The generated documentation lists this as a class method.
#
# @param config [Object] configuration to validate
# @return whatever CookiesConfig#validate! returns (that class is defined
#   outside this listing)
def validate_config!(config)
  checker = CookiesConfig.new(config)
  checker.validate!
end
Public Instance Methods
httponly?()
# File lib/secure_headers/headers/cookie.rb, line 40
# Tells #to_s whether "; HttpOnly" still has to be appended.
#
# @return [Boolean, nil] truthy only when flag_cookie?(:httponly) (defined
#   outside this listing) is truthy and #parse did not record an httponly
#   attribute on the raw cookie
def httponly?
  wanted = flag_cookie?(:httponly)
  wanted && !already_flagged?(:httponly)
end
samesite?()
# File lib/secure_headers/headers/cookie.rb, line 44
# Tells #to_s whether a SameSite attribute still has to be appended.
#
# @return [Boolean, nil] truthy only when #flag_samesite? is truthy and
#   #parse did not record a samesite attribute on the raw cookie
def samesite?
  wanted = flag_samesite?
  wanted && !already_flagged?(:samesite)
end
secure?()
# File lib/secure_headers/headers/cookie.rb, line 36
# Tells #to_s whether "; secure" still has to be appended.
#
# @return [Boolean, nil] truthy only when flag_cookie?(:secure) (defined
#   outside this listing) is truthy and #parse did not record a secure
#   attribute on the raw cookie
def secure?
  wanted = flag_cookie?(:secure)
  wanted && !already_flagged?(:secure)
end
to_s()
# File lib/secure_headers/headers/cookie.rb, line 28
# Renders the cookie with the missing protective attributes appended.
#
# Works on a copy, so @raw_cookie itself is never modified. Each attribute
# is added only when its predicate (#secure?, #httponly?, #samesite?) is
# truthy. The SameSite text comes from samesite_cookie, which is defined
# outside this listing.
#
# @return [String] the raw cookie followed by any appended attributes
def to_s
  rendered = @raw_cookie.dup
  rendered << "; secure" if secure?
  rendered << "; HttpOnly" if httponly?
  rendered << "; #{samesite_cookie}" if samesite?
  rendered
end
Private Instance Methods
already_flagged?(attribute)
# File lib/secure_headers/headers/cookie.rb, line 54
# Looks up what #parse recorded for one tracked attribute.
#
# @param attribute [Symbol] :httponly, :samesite or :secure
# @return [String, true, nil] the attribute's value, true for a bare flag,
#   nil when the raw cookie did not contain it
def already_flagged?(attribute)
  recorded = @attributes[attribute]
  recorded
end
conditionally_flag?(configuration)
# File lib/secure_headers/headers/cookie.rb, line 69
# Decides whether a per-cookie rule applies to this cookie.
#
# An :only list matches when it shares at least one entry with
# parsed_cookie.keys. An :except list matches when it is non-empty and shares
# none. With neither list present the answer is false. parsed_cookie is
# defined outside this listing.
# NOTE(review): its keys are presumably the cookie names; confirm.
#
# @param configuration [Hash] rule that may hold :only and/or :except
# @return [Boolean]
def conditionally_flag?(configuration)
  only_names = Array(configuration[:only])
  return true if only_names.any? && (only_names & parsed_cookie.keys).any?

  except_names = Array(configuration[:except])
  except_names.any? && (except_names & parsed_cookie.keys).none?
end
flag_samesite?()
# File lib/secure_headers/headers/cookie.rb, line 87
# True when the configuration asks for SameSite in either lax or strict mode.
# The strict check runs only if the lax check is falsy.
#
# @return [Boolean, nil] the first truthy result, else the strict result
def flag_samesite?
  lax = flag_samesite_lax?
  return lax if lax

  flag_samesite_strict?
end
flag_samesite_enforcement?(mode)
# File lib/secure_headers/headers/cookie.rb, line 99
# Evaluates the SameSite setting for one enforcement mode.
#
# config[:samesite][mode] may be a Hash (an :only/:except rule, passed on to
# #conditionally_flag?) or literally true (always flag). Any other value
# yields false.
#
# @param mode [Symbol] key looked up under config[:samesite]; the callers
#   shown here pass :lax or :strict
# @return [Boolean, nil] nil when config[:samesite] is missing or falsy
def flag_samesite_enforcement?(mode)
  samesite_settings = config[:samesite]
  return unless samesite_settings

  setting = samesite_settings[mode]
  return conditionally_flag?(setting) if setting.is_a?(Hash)

  # Only the literal true enables the flag; other truthy values do not.
  setting.equal?(true)
end
flag_samesite_lax?()
# File lib/secure_headers/headers/cookie.rb, line 91
# Asks #flag_samesite_enforcement? about the :lax mode.
#
# @return [Boolean, nil] the result for :lax, unchanged
def flag_samesite_lax?
  mode = :lax
  flag_samesite_enforcement?(mode)
end
flag_samesite_strict?()
# File lib/secure_headers/headers/cookie.rb, line 95
# Asks #flag_samesite_enforcement? about the :strict mode.
#
# @return [Boolean, nil] the result for :strict, unchanged
def flag_samesite_strict?
  mode = :strict
  flag_samesite_enforcement?(mode)
end
parse(cookie)
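# File lib/secure_headers/headers/cookie.rb, line 112
# Records which of the tracked attributes (httponly, samesite, secure) the
# raw cookie already carries, so that #to_s does not append them twice.
#
# The string is split on ";" or "," (plus one optional whitespace character)
# and every segment is read as name[=value]. Names are URL-decoded and
# lower-cased before the lookup. A bare name is stored as true, otherwise
# the text after the first "=" is stored.
#
# NOTE(review): every segment is treated alike, so the cookie's own
# name=value pair, or text following a comma inside the value, can also mark
# an attribute as present, and #to_s then leaves that flag off. Worth
# confirming for cookies whose name or value is influenced by the client.
#
# @param cookie [String, nil] raw cookie text; nil is ignored
# @return [Array<String>, nil] the scanned segments, nil for a nil cookie
def parse(cookie)
  return unless cookie

  cookie.split(/[;,]\s?/).each do |segment|
    name, value = segment.split("=", 2)
    # An empty segment ("a=b;; secure", a leading ";") splits into [] and
    # leaves name nil; skip it rather than let CGI.unescape(nil) raise.
    next if name.nil?

    attribute = CGI.unescape(name).downcase.to_sym
    @attributes[attribute] = value || true if @attributes.has_key?(attribute)
  end
end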