class SecureHeaders::Cookie


Attributes

config [R] — read-only accessor for the cookie configuration stored by initialize (the COOKIE_DEFAULTS-merged hash, or OPT_OUT when the cookie is opted out).

Public Class Methods

# File lib/secure_headers/headers/cookie.rb, line 24
# Wraps one raw Set-Cookie header value together with the cookie policy.
#
# cookie: the raw Set-Cookie string (may be nil; parse tolerates that).
# config: the cookies section of the configuration, nil for "use defaults",
#         or OPT_OUT to leave the cookie exactly as given.
def initialize(cookie, config)
  @raw_cookie = cookie
  @config =
    if config == OPT_OUT
      config
    else
      # nil means "defaults only"; explicit keys override COOKIE_DEFAULTS.
      COOKIE_DEFAULTS.merge(config || {})
    end
  # Attributes the raw cookie already carries, filled in by parse.
  # nil means "not present"; see already_flagged?.
  @attributes = { httponly: nil, samesite: nil, secure: nil }
  parse(cookie)
end
# File lib/secure_headers/headers/cookie.rb, line 11
# Delegates validation of a cookies configuration hash to CookiesConfig,
# whose validate! is expected to raise on a malformed configuration
# (the exact error type is defined there, not here).
def validate_config!(config)
  cookies_config = CookiesConfig.new(config)
  cookies_config.validate!
end

Public Instance Methods

# File lib/secure_headers/headers/cookie.rb, line 52
# True when the policy asks for HttpOnly (flag_cookie?, defined elsewhere)
# and the raw cookie does not already carry an HttpOnly attribute, so that
# to_s never appends a duplicate. An attribute already present on the
# cookie therefore always wins over configuration.
def httponly?
  wanted = flag_cookie?(:httponly)
  wanted && !already_flagged?(:httponly)
end
# File lib/secure_headers/headers/cookie.rb, line 56
# True when some SameSite mode is configured for this cookie (flag_samesite?)
# and the raw cookie does not already carry a SameSite attribute; drives the
# SameSite append in to_s. Note that only the attribute *name* is checked,
# so an existing SameSite of any value suppresses the configured one.
def samesite?
  wanted = flag_samesite?
  wanted && !already_flagged?(:samesite)
end
# File lib/secure_headers/headers/cookie.rb, line 48
# True when the policy asks for Secure (flag_cookie?, defined elsewhere)
# and the raw cookie does not already carry a Secure attribute, so that
# to_s never appends a duplicate.
def secure?
  wanted = flag_cookie?(:secure)
  wanted && !already_flagged?(:secure)
end
# File lib/secure_headers/headers/cookie.rb, line 40
# Returns the Set-Cookie value with the configured Secure / HttpOnly /
# SameSite attributes appended. Each predicate is false when the raw cookie
# already carries that attribute, so nothing is duplicated and an explicit
# attribute on the cookie takes precedence over the policy. The raw cookie
# is dup'ed first and is never mutated.
#
# samesite_cookie is defined elsewhere; presumably it renders
# "SameSite=<mode>" for the configured mode.
# NOTE(review): browsers only honor SameSite=None when Secure is also set;
# this method does not enforce that pairing itself, it relies on the
# Secure policy being configured alongside — confirm in the config layer.
def to_s
  flagged = @raw_cookie.dup
  flagged << "; secure" if secure?
  flagged << "; HttpOnly" if httponly?
  flagged << "; #{samesite_cookie}" if samesite?
  flagged
end

Private Instance Methods

# File lib/secure_headers/headers/cookie.rb, line 66
# Returns what parse recorded for +attribute+ (:httponly, :samesite or
# :secure): the attribute's value string, +true+ for a bare flag, or nil when
# the raw cookie did not carry it. Callers use it only for truthiness.
def already_flagged?(attribute)
  @attributes.fetch(attribute, nil)
end
# File lib/secure_headers/headers/cookie.rb, line 82
# Decides whether a SameSite mode applies to this cookie, given that mode's
# configuration hash. With an :only list the mode applies iff at least one
# listed cookie name appears in the parsed cookie; with an :except list it
# applies iff none of the listed names appear. A non-matching :only falls
# through to the :except check, and an empty or missing list never matches,
# so a hash with neither key yields false. Lists are coerced with Array(),
# so a single name may be given as a bare string.
#
# parsed_cookie is defined elsewhere; presumably a name => value hash of
# the raw cookie's pairs.
def conditionally_flag?(configuration)
  present = parsed_cookie.keys
  only = Array(configuration[:only])
  except = Array(configuration[:except])

  return true if only.any? && (only & present).any?

  except.any? && (except & present).none?
end
# File lib/secure_headers/headers/cookie.rb, line 102
# True when any SameSite mode is enabled for this cookie; false when the
# whole cookie policy, or just its :samesite part, is OPT_OUT.
# The evaluation order matters: :lax is consulted first so that a bare
# `samesite: true` (which flag_samesite_enforcement? treats as Lax)
# short-circuits before the other modes are looked up.
def flag_samesite?
  return false if config == OPT_OUT
  return false if config[:samesite] == OPT_OUT

  flag_samesite_enforcement?(:lax) ||
    flag_samesite_enforcement?(:strict) ||
    flag_samesite_enforcement?(:none)
end
# File lib/secure_headers/headers/cookie.rb, line 119
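# Whether the SameSite +mode+ (:lax, :strict or :none) is enabled by
# config[:samesite]. Accepted shapes:
#   true                      -> Lax only (shorthand)
#   { mode => true }          -> that mode, unconditionally
#   { mode => { only:/except: [...] } } -> that mode, per conditionally_flag?
# Anything else yields false. Always returns a boolean.
#
# Fix: the original indexed `config[:samesite][mode]` after the TrueClass
# check, so a bare `samesite: true` raised NoMethodError for :strict/:none
# (and a Symbol/String value raised TypeError) whenever a single-mode
# predicate was called outside flag_samesite?'s short-circuit. Those cases
# now return false.
def flag_samesite_enforcement?(mode)
  samesite = config[:samesite]
  return false unless samesite

  # Bare `samesite: true` means Lax and nothing else.
  return mode == :lax if samesite.is_a?(TrueClass)
  # Only a per-mode hash can be indexed safely.
  return false unless samesite.is_a?(Hash)

  case samesite[mode]
  when Hash then conditionally_flag?(samesite[mode])
  when TrueClass then true
  else false
  end
end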
# File lib/secure_headers/headers/cookie.rb, line 107
# Convenience wrapper: is the Lax mode enabled for this cookie?
def flag_samesite_lax?
  mode = :lax
  flag_samesite_enforcement?(mode)
end
# File lib/secure_headers/headers/cookie.rb, line 115
# Convenience wrapper: is the None mode enabled for this cookie?
# (Browsers require Secure alongside SameSite=None; that pairing is not
# checked here.)
def flag_samesite_none?
  mode = :none
  flag_samesite_enforcement?(mode)
end
# File lib/secure_headers/headers/cookie.rb, line 111
# Convenience wrapper: is the Strict mode enabled for this cookie?
def flag_samesite_strict?
  mode = :strict
  flag_samesite_enforcement?(mode)
end
# File lib/secure_headers/headers/cookie.rb, line 136
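# Records which of Secure / HttpOnly / SameSite the raw cookie already
# carries, so to_s does not append duplicates. Only attribute *names* are
# inspected (case-insensitively, after CGI.unescape); a value is stored as
# given, or +true+ for a bare flag, and is never validated. Segments are
# split on ";" or "," with an optional following space; the comma split
# means an Expires date is broken into harmless non-attribute segments.
#
# Fix: an empty segment ("a=b;;c", or a leading ";") produced a nil name
# and crashed in CGI.unescape; such segments are now skipped.
#
# NOTE(review): every segment is treated alike, including the leading
# name=value pair, so a cookie literally named "secure", "httponly" or
# "samesite" is mistaken for an already-set attribute and would not get the
# flag appended — confirm whether that is acceptable upstream.
def parse(cookie)
  return unless cookie

  cookie.split(/[;,]\s?/).each do |segment|
    name, value = segment.split("=", 2)
    # "".split("=", 2) is [], leaving name nil; nothing to record.
    next if name.nil?

    # The input is the app's own Set-Cookie value, so to_sym on it is not
    # an attacker-controlled symbol sink (and symbols are GC'd on Ruby >= 2.2).
    attribute = CGI.unescape(name).downcase.to_sym
    next unless @attributes.key?(attribute)

    # A bare "Secure"/"HttpOnly" has no value; +true+ marks it present.
    # "SameSite=Lax" keeps "Lax" (an empty "secure=" keeps "" — still truthy).
    @attributes[attribute] = value || true
  end
end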