class DceLti::Middleware::CookielessSessions
Public Instance Methods
change_nokogiri_doc(doc)
click to toggle source
# File lib/dce_lti/middleware/cookieless_sessions.rb, line 6 def change_nokogiri_doc(doc) if no_cookies? || shimmed_cookie? doc.css('a').each do |a| href = a[:href] next unless local_url?(href) next if url_has_key_already?(href) if href.match(/\?/) a[:href] += "&#{session_key_name}=#{session_id}" else a[:href] += "?#{session_key_name}=#{session_id}" end end doc.css('form').each do |form| action = form[:action] next unless local_url?(action) next if url_has_key_already?(action) # For PATCH, PUT, DELETE and POST, which allow # params mixed in the action and the form. if action.match(/\?/) form[:action] += "&#{session_key_name}=#{session_id}" else form[:action] += "?#{session_key_name}=#{session_id}" end # For GET, oddly. GET method forms stomp all params encoded # in the action input_node = Nokogiri::XML::Node.new('input', doc) input_node[:type] = 'hidden' input_node[:name] = session_key_name input_node[:value] = session_id form.children.first.add_previous_sibling( input_node ) end end doc end
Private Instance Methods
local_url?(url)
click to toggle source
# File lib/dce_lti/middleware/cookieless_sessions.rb, line 58 def local_url?(url) ! url.match(/\Ahttps?:\/\/|\/\//i) end
session()
click to toggle source
# File lib/dce_lti/middleware/cookieless_sessions.rb, line 70 def session @p.request.env['rack.session'] end
session_id()
click to toggle source
# File lib/dce_lti/middleware/cookieless_sessions.rb, line 74 def session_id session.id end
session_key_name()
click to toggle source
# File lib/dce_lti/middleware/cookieless_sessions.rb, line 66 def session_key_name @session_key_name ||= Rails.application.config.session_options[:key] end
url_has_key_already?(url)
click to toggle source
# File lib/dce_lti/middleware/cookieless_sessions.rb, line 62 def url_has_key_already?(url) url.match(/#{session_key_name}/i) end