Class: Gitlab::Middleware::StripCookies

Inherits:
Object
  • Object
show all
Defined in:
lib/gitlab/middleware/strip_cookies.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(app, options = {}) ⇒ StripCookies

Initializes the middleware.

Parameters:

  • app (Rack application)

    The Rack application.

  • options (Hash) (defaults to: {})

    The options to customize the middleware behavior.

Options Hash (options):

  • :paths (Array<Regexp>)

    The regular expressions to match against the path when cookies should be deleted.



14
15
16
17
 
# File 'lib/gitlab/middleware/strip_cookies.rb', line 14

def initialize(app, options = {})
  @app = app
  @paths = Array(options[:paths])
end

Instance Attribute Details

#appObject (readonly)

Returns the value of attribute app.



6
7
8
 
# File 'lib/gitlab/middleware/strip_cookies.rb', line 6

def app
  @app
end

#pathsObject (readonly)

Returns the value of attribute paths.



6
7
8
 
# File 'lib/gitlab/middleware/strip_cookies.rb', line 6

def paths
  @paths
end

Instance Method Details

#call(env) ⇒ Object 



19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
# File 'lib/gitlab/middleware/strip_cookies.rb', line 19

def call(env)
  # Extract the path from the request
  path = Rack::Request.new(env).path

  # Check if the request path is in the list of paths to be stripped
  strip_out = paths.any? { |regex| regex.match?(path) }

  # If cookies are to be stripped, delete the HTTP_COOKIE from the request environment
  env.delete("HTTP_COOKIE") if strip_out

  status, headers, body = @app.call(env)

  # If cookies are to be stripped, delete the Set-Cookie header from the response
  headers.delete("Set-Cookie") if strip_out

  # Return the response (status, headers, body) to the next middleware or the web server
  [status, headers, body]
end