From f65b26f46060a5100b2ad446c7a5e18989d8ebf5 Mon Sep 17 00:00:00 2001 From: Gareth Rees Date: Fri, 11 Dec 2015 11:40:29 +0000 Subject: [PATCH] Remove WhatDoTheyKnow namespace This class is used in all installs of Alaveteli --- config/application.rb | 4 +-- lib/strip_empty_sessions.rb | 27 +++++++++++++++++ lib/whatdotheyknow/strip_empty_sessions.rb | 30 ------------------- .../strip_empty_sessions_spec.rb | 6 ++-- 4 files changed, 32 insertions(+), 35 deletions(-) create mode 100644 lib/strip_empty_sessions.rb delete mode 100644 lib/whatdotheyknow/strip_empty_sessions.rb rename spec/lib/{whatdotheyknow => }/strip_empty_sessions_spec.rb (94%) diff --git a/config/application.rb b/config/application.rb index afba38ae34..77c784d051 100644 --- a/config/application.rb +++ b/config/application.rb @@ -82,8 +82,8 @@ class Application < Rails::Application ENV['RECAPTCHA_PRIVATE_KEY'] = ::AlaveteliConfiguration::recaptcha_private_key # Insert a bit of middleware code to prevent uneeded cookie setting. - require "#{Rails.root}/lib/whatdotheyknow/strip_empty_sessions" - config.middleware.insert_before ::ActionDispatch::Cookies, WhatDoTheyKnow::StripEmptySessions, :key => '_wdtk_cookie_session', :path => "/", :httponly => true + require "#{Rails.root}/lib/strip_empty_sessions" + config.middleware.insert_before ::ActionDispatch::Cookies, StripEmptySessions, :key => '_wdtk_cookie_session', :path => "/", :httponly => true # Strip non-UTF-8 request parameters config.middleware.insert 0, Rack::UTF8Sanitizer diff --git a/lib/strip_empty_sessions.rb b/lib/strip_empty_sessions.rb new file mode 100644 index 0000000000..3d407be524 --- /dev/null +++ b/lib/strip_empty_sessions.rb @@ -0,0 +1,27 @@ +# -*- encoding : utf-8 -*- +class StripEmptySessions + ENV_SESSION_KEY = "rack.session".freeze + HTTP_SET_COOKIE = "Set-Cookie".freeze + STRIPPABLE_KEYS = ['session_id', '_csrf_token', 'locale'] + + def initialize(app, options = {}) + @app = app + @options = options + end + + def call(env) + status, headers, body = @app.call(env) + session_data = env[ENV_SESSION_KEY] + set_cookie = headers[HTTP_SET_COOKIE] + if session_data + if (session_data.keys - STRIPPABLE_KEYS).empty? + if set_cookie.is_a? Array + set_cookie.reject! {|c| c.match(/^\n?#{@options[:key]}=/)} + elsif set_cookie.is_a? String + headers[HTTP_SET_COOKIE].gsub!( /(^|\n)#{@options[:key]}=.*?(\n|$)/, "" ) + end + end + end + [status, headers, body] + end +end diff --git a/lib/whatdotheyknow/strip_empty_sessions.rb b/lib/whatdotheyknow/strip_empty_sessions.rb deleted file mode 100644 index 1e5078172e..0000000000 --- a/lib/whatdotheyknow/strip_empty_sessions.rb +++ /dev/null @@ -1,30 +0,0 @@ -# -*- encoding : utf-8 -*- -module WhatDoTheyKnow - - class StripEmptySessions - ENV_SESSION_KEY = "rack.session".freeze - HTTP_SET_COOKIE = "Set-Cookie".freeze - STRIPPABLE_KEYS = ['session_id', '_csrf_token', 'locale'] - - def initialize(app, options = {}) - @app = app - @options = options - end - - def call(env) - status, headers, body = @app.call(env) - session_data = env[ENV_SESSION_KEY] - set_cookie = headers[HTTP_SET_COOKIE] - if session_data - if (session_data.keys - STRIPPABLE_KEYS).empty? - if set_cookie.is_a? Array - set_cookie.reject! {|c| c.match(/^\n?#{@options[:key]}=/)} - elsif set_cookie.is_a? String - headers[HTTP_SET_COOKIE].gsub!( /(^|\n)#{@options[:key]}=.*?(\n|$)/, "" ) - end - end - end - [status, headers, body] - end - end -end diff --git a/spec/lib/whatdotheyknow/strip_empty_sessions_spec.rb b/spec/lib/strip_empty_sessions_spec.rb similarity index 94% rename from spec/lib/whatdotheyknow/strip_empty_sessions_spec.rb rename to spec/lib/strip_empty_sessions_spec.rb index d6272cb5cb..4a98f5d42e 100644 --- a/spec/lib/whatdotheyknow/strip_empty_sessions_spec.rb +++ b/spec/lib/strip_empty_sessions_spec.rb @@ -1,13 +1,13 @@ # -*- encoding : utf-8 -*- -require File.expand_path(File.dirname(__FILE__) + '/../../spec_helper') -describe WhatDoTheyKnow::StripEmptySessions do +require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') +describe StripEmptySessions do def make_response(session_data, response_headers) app = lambda do |env| env['rack.session'] = session_data return [200, response_headers, ['content']] end - strip_empty_sessions = WhatDoTheyKnow::StripEmptySessions + strip_empty_sessions = StripEmptySessions app = strip_empty_sessions.new(app, {:key => 'mykey', :path => '', :httponly => true}) response = Rack::MockRequest.new(app).get('/', 'HTTP_ACCEPT' => 'text/html') end