don't support the #secure_cookies method

github · Jul 18, 2017 · f6f6aba · f6f6aba
1 parent a998572
commit f6f6aba
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 14 deletions.
diff --git a/lib/secure_headers/configuration.rb b/lib/secure_headers/configuration.rb
@@ -206,8 +206,7 @@ def validate_config!
     end
 
     def secure_cookies=(secure_cookies)
-      Kernel.warn "#{Kernel.caller.first}: [DEPRECATION] `#secure_cookies=` is deprecated. Please use `#cookies=` to configure secure cookies instead."
-      @cookies = (@cookies || {}).merge(secure: secure_cookies)
+      raise ArgumentError, "#{Kernel.caller.first}: `#secure_cookies=` is no longer supported. Please use `#cookies=` to configure secure cookies instead."
     end
 
     def csp=(new_csp)

diff --git a/spec/lib/secure_headers/configuration_spec.rb b/spec/lib/secure_headers/configuration_spec.rb
@@ -85,11 +85,11 @@ module SecureHeaders
     end
 
     it "deprecates the secure_cookies configuration" do
-      expect(Kernel).to receive(:warn).with(/\[DEPRECATION\]/)
-
-      Configuration.default do |config|
-        config.secure_cookies = true
-      end
+      expect {
+        Configuration.default do |config|
+          config.secure_cookies = true
+        end
+      }.to raise_error(ArgumentError)
     end
   end
 end
diff --git a/spec/lib/secure_headers/middleware_spec.rb b/spec/lib/secure_headers/middleware_spec.rb
@@ -55,12 +55,10 @@ module SecureHeaders
       expect(env[ContentSecurityPolicyConfig::HEADER_NAME]).to match("example.org")
     end
 
-    context "secure_cookies" do
+    context "cookies" do
       context "cookies should be flagged" do
         it "flags cookies as secure" do
-          capture_warning do
-            Configuration.default { |config| config.secure_cookies = true }
-          end
+          Configuration.default { |config| config.cookies = { secure: true } }
           request = Rack::Request.new("HTTPS" => "on")
           _, env = cookie_middleware.call request.env
           expect(env["Set-Cookie"]).to eq("foo=bar; secure")
@@ -69,9 +67,7 @@ module SecureHeaders
 
       context "cookies should not be flagged" do
         it "does not flags cookies as secure" do
-          capture_warning do
-            Configuration.default { |config| config.secure_cookies = false }
-          end
+          Configuration.default { |config| config.cookies = nil }
           request = Rack::Request.new("HTTPS" => "on")
           _, env = cookie_middleware.call request.env
           expect(env["Set-Cookie"]).to eq("foo=bar")