root/trunk/actionpack/lib/action_controller/cookies.rb
| Revision 8407, 3.1 kB (checked in by bitsweat, 1 year ago) |
|---|
| Line | |
|---|---|
| 1 | module ActionController #:nodoc: |
| 2 | # Cookies are read and written through ActionController#cookies. The cookies being read are what were received along with the request, |
| 3 | # the cookies being written are what will be sent out with the response. Cookies are read by value (so you won't get the cookie object |
| 4 | # itself back -- just the value it holds). Examples for writing: |
| 5 | # |
| 6 | # cookies[:user_name] = "david" # => Will set a simple session cookie |
| 7 | # cookies[:login] = { :value => "XJ-122", :expires => 1.hour.from_now } |
| 8 | # # => Will set a cookie that expires in 1 hour |
| 9 | # |
| 10 | # Examples for reading: |
| 11 | # |
| 12 | # cookies[:user_name] # => "david" |
| 13 | # cookies.size # => 2 |
| 14 | # |
| 15 | # Example for deleting: |
| 16 | # |
| 17 | # cookies.delete :user_name |
| 18 | # |
| 19 | # All the option symbols for setting cookies are: |
| 20 | # |
| 21 | # * <tt>value</tt> - the cookie's value or list of values (as an array). |
| 22 | # * <tt>path</tt> - the path for which this cookie applies. Defaults to the root of the application. |
| 23 | # * <tt>domain</tt> - the domain for which this cookie applies. |
| 24 | # * <tt>expires</tt> - the time at which this cookie expires, as a +Time+ object. |
| 25 | # * <tt>secure</tt> - whether this cookie is a secure cookie or not (default to false). |
| 26 | # Secure cookies are only transmitted to HTTPS servers. |
| 27 | # * <tt>http_only</tt> - whether this cookie is accessible via scripting or only HTTP (defaults to false). |
| 28 | |
| 29 | module Cookies |
| 30 | def self.included(base) |
| 31 | base.helper_method :cookies |
| 32 | end |
| 33 | |
| 34 | protected |
| 35 | # Returns the cookie container, which operates as described above. |
| 36 | def cookies |
| 37 | CookieJar.new(self) |
| 38 | end |
| 39 | end |
| 40 | |
| 41 | class CookieJar < Hash #:nodoc: |
| 42 | def initialize(controller) |
| 43 | @controller, @cookies = controller, controller.request.cookies |
| 44 | super() |
| 45 | update(@cookies) |
| 46 | end |
| 47 | |
| 48 | # Returns the value of the cookie by +name+ -- or nil if no such cookie exists. You set new cookies using cookies[]= |
| 49 | # (for simple name/value cookies without options). |
| 50 | def [](name) |
| 51 | cookie = @cookies[name.to_s] |
| 52 | if cookie && cookie.respond_to?(:value) |
| 53 | cookie.size > 1 ? cookie.value : cookie.value[0] |
| 54 | end |
| 55 | end |
| 56 | |
| 57 | def []=(name, options) |
| 58 | if options.is_a?(Hash) |
| 59 | options = options.inject({}) { |options, pair| options[pair.first.to_s] = pair.last; options } |
| 60 | options["name"] = name.to_s |
| 61 | else |
| 62 | options = { "name" => name.to_s, "value" => options } |
| 63 | end |
| 64 | |
| 65 | set_cookie(options) |
| 66 | end |
| 67 | |
| 68 | # Removes the cookie on the client machine by setting the value to an empty string |
| 69 | # and setting its expiration date into the past. Like []=, you can pass in an options |
| 70 | # hash to delete cookies with extra data such as a +path+. |
| 71 | def delete(name, options = {}) |
| 72 | options.stringify_keys! |
| 73 | set_cookie(options.merge("name" => name.to_s, "value" => "", "expires" => Time.at(0))) |
| 74 | end |
| 75 | |
| 76 | private |
| 77 | def set_cookie(options) #:doc: |
| 78 | options["path"] = "/" unless options["path"] |
| 79 | cookie = CGI::Cookie.new(options) |
| 80 | @controller.logger.info "Cookie set: #{cookie}" unless @controller.logger.nil? |
| 81 | @controller.response.headers["cookie"] << cookie |
| 82 | end |
| 83 | end |
| 84 | end |
Note: See TracBrowser for help on using the browser.
