Permalink
Browse files

Took out the domain option logic to cookies.rb.

  • Loading branch information...
rizwanreza authored and josevalim committed Jun 11, 2010
1 parent 5609149 commit f99132663b2ceee56f6e02ada396a911e4e20da2
@@ -45,7 +45,15 @@ def cookie_jar
# * <tt>:value</tt> - The cookie's value or list of values (as an array).
# * <tt>:path</tt> - The path for which this cookie applies. Defaults to the root
# of the application.
- # * <tt>:domain</tt> - The domain for which this cookie applies.
+ # * <tt>:domain</tt> - The domain for which this cookie applies so you can
+ # restrict to the domain level. If you use a schema like www.example.com
+ # and want to share session with user.example.com set <tt>:domain</tt>
+ # to <tt>:all</tt>
+ #
+ # :domain => nil # Does not sets cookie domain. (default)
+ # :domain => :all # Allow the cookie for the top most level
+ # domain and subdomains.
+ #
# * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
# * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers.
# Default is +false+.
@@ -54,13 +62,22 @@ def cookie_jar
class Cookies
HTTP_HEADER = "Set-Cookie".freeze
TOKEN_KEY = "action_dispatch.secret_token".freeze
-
+
# Raised when storing more than 4K of session data.
class CookieOverflow < StandardError; end
class CookieJar < Hash #:nodoc:
+
+ # This regular expression is used to split the levels of a domain
+ # So www.example.co.uk gives:
+ # $1 => www.
+ # $2 => example
+ # $3 => co.uk
+ DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/
+
def self.build(request)
secret = request.env[TOKEN_KEY]
+ @@host = request.env["HTTP_HOST"]
new(secret).tap do |hash|
hash.update(request.cookies)
end
@@ -70,6 +87,7 @@ def initialize(secret=nil)
@secret = secret
@set_cookies = {}
@delete_cookies = {}
+
super()
end
@@ -92,6 +110,12 @@ def []=(key, options)
value = super(key.to_s, value)
options[:path] ||= "/"
+
+ if options[:domain] == :all
+ @@host =~ DOMAIN_REGEXP
+ options[:domain] = ".#{$2}.#{$3}"
+ end
+
@set_cookies[key] = options
@delete_cookies.delete(key)
value
@@ -103,6 +127,12 @@ def []=(key, options)
def delete(key, options = {})
options.symbolize_keys!
options[:path] ||= "/"
+
+ if options[:domain] == :all
+ @@host =~ DOMAIN_REGEXP
+ options[:domain] = ".#{$2}.#{$3}"
+ end
+
value = super(key.to_s)
@delete_cookies[key] = options
value
@@ -93,13 +93,6 @@ def stale_session_check!
:cookie_only => true
}
- # This regular expression is used to split the levels of a domain:
- # So www.example.co.uk gives:
- # $1 => www.
- # $2 => example
- # $3 => co.uk
- DOMAIN_REGEXP = /^(.*\.)*(.*)\.(...|...\...|....|..\...|..)$/
-
def initialize(app, options = {})
@app = app
@default_options = DEFAULT_OPTIONS.merge(options)
@@ -129,11 +122,6 @@ def call(env)
cookie[:expires] = Time.now + options.delete(:expire_after)
end
- if options[:domain] == :all
- env["HTTP_HOST"] =~ DOMAIN_REGEXP
- options[:domain] = ".#{$2}.#{$3}"
- end
-
request = ActionDispatch::Request.new(env)
set_cookie(request, cookie.merge!(options))
end
@@ -34,14 +34,6 @@ module Session
# integrity defaults to 'SHA1' but may be any digest provided by OpenSSL,
# such as 'MD5', 'RIPEMD160', 'SHA256', etc.
#
- # * <tt>:domain</tt>: Restrict the session cookie to certain domain level.
- # If you use a schema like www.example.com and wants to share session
- # with user.example.com set <tt>:domain</tt> to <tt>:all</tt>
- #
- # :domain => nil # Does not sets cookie domain. (default)
- # :domain => :all # Allow the cookie for the top most level
- # domain and subdomains.
- #
# To generate a secret key for an existing application, run
# "rake secret" and set the key in config/environment.rb.
#

0 comments on commit f991326

Please sign in to comment.