Permalink
Browse files

[feature]: Respond to * /iframe_session. Required on the server-side …

…of a client/server-side hack - to make Safari accept 3rd party cookies in iframes - mentioned in README.
  • Loading branch information...
1 parent 3df7650 commit 32c9f2fb02b21f0038a22f30359c3e87ad6404a3 @grimen committed Nov 1, 2011
Showing with 36 additions and 5 deletions.
  1. +15 −1 lib/rack/iframe.rb
  2. +1 −1 lib/rack/iframe/version.rb
  3. +18 −1 spec/rack-iframe_spec.rb
  4. +2 −2 spec/spec_helper.rb
View
@@ -6,18 +6,24 @@ module Rack
class Iframe
DEFAULT_P3P = %(CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV").freeze
+ DEFAULT_IFRAME_SESSION_PATH = '/iframe_session'.freeze
def initialize(app, options = {})
@app, @options = app, options
@options[:p3p] ||= DEFAULT_P3P
+ @options[:iframe_session_path] ||= DEFAULT_IFRAME_SESSION_PATH
end
def call(env)
# 1) If P3P: Set a random Etag (If-None-Match) to trick backend to not send cached response (304).
set_invalid_etag!(env) if set_p3p_header?(env)
# 2) Request
- @status, @headers, @body = @app.call(env)
+ if iframe_session_path?(env)
+ @status, @headers, @body = iframe_session_response
+ else
+ @status, @headers, @body = @app.call(env)
+ end
# 3) If P3P: Attach P3P header.
set_p3p_header! if set_p3p_header?(env)
@@ -67,5 +73,13 @@ def user_agents?(ids, env)
end
end
+ def iframe_session_path?(env)
+ env['PATH_INFO'] == @options[:iframe_session_path]
+ end
+
+ def iframe_session_response
+ [200, {}, [""]]
+ end
+
end
end
@@ -1,5 +1,5 @@
module Rack
class Iframe
- VERSION = "0.0.1"
+ VERSION = "0.0.2"
end
end
View
@@ -186,7 +186,24 @@
end
end
end
+
+ describe "any browser: Iframe session cookie hack" do
+ before do
+ @user_agents = [:safari]
+ end
+
+ it 'should respond to * /iframe_session with P3P header - modified (200 OK)' do
+ @user_agents.each do |user_agent|
+ request = mock_request(user_agent, {}, '/iframe_session')
+
+ response = Rack::Iframe.new(@app).call(request)
+ status, headers, body = response
+
+ headers['P3P'].must_equal %(CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV")
+ status.must_equal 200 # modified
+ end
+ end
+ end
end
end
-
end
View
@@ -54,11 +54,11 @@ def rack_cache(app, options = {})
Rack::Cache.new(app, options)
end
-def mock_request(user_agent_key, env = {})
+def mock_request(user_agent_key, env = {}, path = '/')
headers = {
'HTTP_USER_AGENT' => user_agent_string(user_agent_key)
}.merge(env)
- Rack::MockRequest.env_for('/', headers)
+ Rack::MockRequest.env_for(path, headers)
end
def random_etag

0 comments on commit 32c9f2f

Please sign in to comment.