add a prog to the configuration that needs to be true in order to hav… #25

Open
wants to merge 3 commits into
base: master
4 changes: 3 additions & 1 deletion lib/rails_same_site_cookie/configuration.rb
@@ -1,9 +1,11 @@
module RailsSameSiteCookie
class Configuration
attr_accessor :user_agent_regex
attr_accessor :env_bool_condition

def initialize
@user_agent_regex = nil
@env_bool_condition = nil
end
end
end
end
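Review bot: The `nil` default assigned to `@env_bool_condition` in `initialize` does not match how the middleware section of this pull request uses the option: `call(env)` there runs `RailsSameSiteCookie.configuration.env_bool_condition.call(env)` with no nil check, so an application that never sets the option would get a `NoMethodError` on `nil` whenever that line is reached. A default that preserves the previous behaviour, such as `@env_bool_condition = ->(_env) { true }`, avoids breaking existing installations. The new accessor also deserves a comment stating its contract, for example `# Callable that receives the Rack env; SameSite=None is only added when it returns a truthy value.`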
6 changes: 4 additions & 2 deletions lib/rails_same_site_cookie/middleware.rb
Expand Up @@ -13,10 +13,12 @@ def call(env)
status, headers, body = @app.call(env)

regex = RailsSameSiteCookie.configuration.user_agent_regex
prog_bool = RailsSameSiteCookie.configuration.env_bool_condition.call(env)

set_cookie = headers['Set-Cookie']
if (regex.nil? or regex.match(env['HTTP_USER_AGENT'])) and not (set_cookie.nil? or set_cookie.strip == '')
parser = UserAgentChecker.new(env['HTTP_USER_AGENT'])
if parser.send_same_site_none?
if parser.send_same_site_none? && prog_bool
cookies = set_cookie.split(COOKIE_SEPARATOR)
ssl = Rack::Request.new(env).ssl?

Expand All @@ -42,4 +44,4 @@ def call(env)
end

end
end
end
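Review bot: `prog_bool` is computed right after `@app.call(env)`, ahead of the user-agent and `Set-Cookie` guards, so the configured callable runs for every response, including ones that set no cookie. Any exception it raises also discards a response the app has already produced. Evaluating it only at the point of use narrows both the cost and the failure surface: `condition = RailsSameSiteCookie.configuration.env_bool_condition` and then `if parser.send_same_site_none? && condition.call(env)`. Because the result decides whether cookies are marked `SameSite=None`, a short comment that `env` carries client-supplied headers would help whoever writes the predicate, and a more descriptive local name than `prog_bool` would make the condition easier to read. The body of `call` starts and ends outside the visible hunks.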
3 changes: 2 additions & 1 deletion rails_same_site_cookie.gemspec
Expand Up @@ -4,7 +4,7 @@ require "rails_same_site_cookie/version"

Gem::Specification.new do |spec|
spec.name = "rails_same_site_cookie"
spec.version = RailsSameSiteCookie::VERSION
spec.version = "1.0"
spec.authors = ["Philip Schinis"]
spec.email = ["[email protected]"]

Expand All @@ -27,6 +27,7 @@ Gem::Specification.new do |spec|
spec.add_development_dependency "bundler", ">= 1.17"
spec.add_development_dependency "rake", "~> 10.0"
spec.add_development_dependency "rspec", "~> 3.0"
spec.add_development_dependency "byebug", ">= 0"

spec.add_dependency "rack", ">= 1.5"
spec.add_dependency "user_agent_parser", "~> 2.5"
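Review bot: `spec.version = "1.0"` detaches the packaged gem version from `RailsSameSiteCookie::VERSION`, which this file still requires (see the `require` in the first hunk header), so the two can drift apart and a build from this branch could be mistaken for a differently numbered release. Unless the literal is intentional, keep `spec.version = RailsSameSiteCookie::VERSION` and bump the constant instead. The new `byebug` development dependency is declared as `">= 0"`, which accepts any release; a bounded constraint in the style of the neighbouring entries (placeholder: `"~> MAJOR.MINOR"` for the version actually used) would be more reproducible, assuming a debugger needs to be a declared dependency at all.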
52 changes: 41 additions & 11 deletions spec/middleware_spec.rb
@@ -1,23 +1,50 @@
require "byebug"
RSpec.describe RailsSameSiteCookie::Middleware do
let(:app) { MockRackApp.new }
subject { described_class.new(app) }

context "when configured with a regex" do
let(:valid_url) { 'https://www.lol.com' }
let(:request) { Rack::MockRequest.new(subject) }
before(:each) do
RailsSameSiteCookie.configure do |config|
config.user_agent_regex = /StrongrFastrApp/
let(:headers) { {'HTTP_USER_AGENT' => 'StrongrFastrApp', 'HTTP_REFERER' => valid_url} }

context "when user agent is given" do
before(:each) do
RailsSameSiteCookie.configure do |config|
config.user_agent_regex = /StrongrFastrApp/
config.env_bool_condition = lambda{|env| env['HTTP_REFERER'] == "https://www.lol.com"}
end
end
end

it "adds SameSite=None to cookies for requests whose UA matches regex" do
response = request.post("/some/path", 'HTTP_USER_AGENT' => 'StrongrFastrApp')
expect(response['Set-Cookie']).to match(/;\s*samesite=none/i)
it "adds SameSite=None to cookies for requests whose UA matches regex" do
response = request.post("/some/path", headers)
expect(response['Set-Cookie']).to match(/;\s*samesite=none/i)
end

it "doesn't add SameSite=None if request is missing regex" do
response = request.post("/some/path")
expect(response['Set-Cookie']).not_to match(/;\s*samesite=none/i)
end
end

it "doesn't add SameSite=None if request is missing regex" do
response = request.post("/some/path")
expect(response['Set-Cookie']).not_to match(/;\s*samesite=none/i)
context "when prog bool is given" do
it "adds SameSite=None to cookies for requests whose prog bool is true" do
RailsSameSiteCookie.configure do |config|
config.env_bool_condition = lambda{|env| env['HTTP_REFERER'] == valid_url}
end

response = request.post("/some/path", headers)
expect(response['Set-Cookie']).to match(/;\s*samesite=none/i)
end

it "doesn't add SameSite=None for requests whose prog bool is false" do
RailsSameSiteCookie.configure do |config|
config.env_bool_condition = lambda{|env| env['HTTP_REFERER'] == "https://www.nicht-lustig.com"}
end

response = request.post("/some/path")
expect(response['Set-Cookie']).not_to match(/;\s*samesite=none/i)
end
end
end

Expand All @@ -26,6 +53,7 @@
before(:each) do
RailsSameSiteCookie.configure do |config|
config.user_agent_regex = nil
config.env_bool_condition = lambda{|env| true }
end
end

Expand All @@ -36,4 +64,6 @@

end

end
end
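Review bot: The example "doesn't add SameSite=None for requests whose prog bool is false" posts without `headers`, and the "when prog bool is given" context never sets `user_agent_regex`, so its outcome depends on whatever an earlier example left in the (presumably global) configuration. With a leftover `/StrongrFastrApp/` regex the user-agent guard alone makes it pass, whatever the predicate returns. Setting `config.user_agent_regex = nil` in that context and calling `request.post("/some/path", headers)` would make the predicate the only reason the attribute is absent. There is also no example covering an unset `env_bool_condition`, and `require "byebug"` at the top of the file looks like a debugging leftover.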