<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type" />
<title>Class: Rack::Session::Cookie</title>
<link rel="stylesheet" href="../../rdoc.css" type="text/css" media="screen" />
<script src="../../js/jquery.js" type="text/javascript" charset="utf-8"></script>
<script src="../../js/thickbox-compressed.js" type="text/javascript" charset="utf-8"></script>
<script src="../../js/quicksearch.js" type="text/javascript" charset="utf-8"></script>
<script src="../../js/darkfish.js" type="text/javascript" charset="utf-8"></script>
</head>
<body id="top" class="class">
<div id="metadata">
<div id="home-metadata">
<div id="home-section" class="section">
<h3 class="section-header">
<a href="../../index.html">Home</a>
<a href="../../index.html#classes">Classes</a>
<a href="../../index.html#methods">Methods</a>
</h3>
</div>
</div>
<div id="file-metadata">
<div id="file-list-section" class="section">
<h3 class="section-header">In Files</h3>
<div class="section-body">
<ul>
<li><a href="../../lib/rack/session/cookie_rb.html?TB_iframe=true&height=550&width=785"
class="thickbox" title="lib/rack/session/cookie.rb">lib/rack/session/cookie.rb</a></li>
</ul>
</div>
</div>
</div>
<div id="class-metadata">
<!-- Parent Class -->
<div id="parent-class-section" class="section">
<h3 class="section-header">Parent</h3>
<p class="link">Abstract::ID</p>
</div>
<!-- Namespace Contents -->
<div id="namespace-list-section" class="section">
<h3 class="section-header">Namespace</h3>
<ul class="link-list">
<li><span class="type">CLASS</span> <a href="Cookie/Base64.html">Rack::Session::Cookie::Base64</a></li>
<li><span class="type">CLASS</span> <a href="Cookie/Identity.html">Rack::Session::Cookie::Identity</a></li>
</ul>
</div>
<!-- Method Quickref -->
<div id="method-list-section" class="section">
<h3 class="section-header">Methods</h3>
<ul class="link-list">
<li><a href="#method-c-new">::new</a></li>
</ul>
</div>
</div>
<div id="project-metadata">
<div id="fileindex-section" class="section project-section">
<h3 class="section-header">Files</h3>
<ul>
<li class="file"><a href="../../KNOWN-ISSUES.html">KNOWN-ISSUES</a></li>
</ul>
</div>
<div id="classindex-section" class="section project-section">
<h3 class="section-header">Class/Module Index
<span class="search-toggle"><img src="../../images/find.png"
height="16" width="16" alt="[+]"
title="show/hide quicksearch" /></span></h3>
<form action="#" method="get" accept-charset="utf-8" class="initially-hidden">
<fieldset>
<legend>Quicksearch</legend>
<input type="text" name="quicksearch" value=""
class="quicksearch-field" />
</fieldset>
</form>
<ul class="link-list">
<li><a href="../../Rack.html">Rack</a></li>
<li><a href="../../Rack/Auth.html">Rack::Auth</a></li>
<li><a href="../../Rack/Auth/AbstractHandler.html">Rack::Auth::AbstractHandler</a></li>
<li><a href="../../Rack/Auth/AbstractRequest.html">Rack::Auth::AbstractRequest</a></li>
<li><a href="../../Rack/Auth/Basic.html">Rack::Auth::Basic</a></li>
<li><a href="../../Rack/Auth/Basic/Request.html">Rack::Auth::Basic::Request</a></li>
<li><a href="../../Rack/Auth/Digest.html">Rack::Auth::Digest</a></li>
<li><a href="../../Rack/Auth/Digest/MD5.html">Rack::Auth::Digest::MD5</a></li>
<li><a href="../../Rack/Auth/Digest/Nonce.html">Rack::Auth::Digest::Nonce</a></li>
<li><a href="../../Rack/Auth/Digest/Params.html">Rack::Auth::Digest::Params</a></li>
<li><a href="../../Rack/Auth/Digest/Request.html">Rack::Auth::Digest::Request</a></li>
<li><a href="../../Rack/BodyProxy.html">Rack::BodyProxy</a></li>
<li><a href="../../Rack/Builder.html">Rack::Builder</a></li>
<li><a href="../../Rack/Cascade.html">Rack::Cascade</a></li>
<li><a href="../../Rack/Chunked.html">Rack::Chunked</a></li>
<li><a href="../../Rack/Chunked/Body.html">Rack::Chunked::Body</a></li>
<li><a href="../../Rack/CommonLogger.html">Rack::CommonLogger</a></li>
<li><a href="../../Rack/ConditionalGet.html">Rack::ConditionalGet</a></li>
<li><a href="../../Rack/Config.html">Rack::Config</a></li>
<li><a href="../../Rack/ContentLength.html">Rack::ContentLength</a></li>
<li><a href="../../Rack/ContentType.html">Rack::ContentType</a></li>
<li><a href="../../Rack/Deflater.html">Rack::Deflater</a></li>
<li><a href="../../Rack/Deflater/DeflateStream.html">Rack::Deflater::DeflateStream</a></li>
<li><a href="../../Rack/Deflater/GzipStream.html">Rack::Deflater::GzipStream</a></li>
<li><a href="../../Rack/Directory.html">Rack::Directory</a></li>
<li><a href="../../Rack/ETag.html">Rack::ETag</a></li>
<li><a href="../../Rack/File.html">Rack::File</a></li>
<li><a href="../../Rack/ForwardRequest.html">Rack::ForwardRequest</a></li>
<li><a href="../../Rack/Handler.html">Rack::Handler</a></li>
<li><a href="../../Rack/Handler/CGI.html">Rack::Handler::CGI</a></li>
<li><a href="../../Rack/Handler/EventedMongrel.html">Rack::Handler::EventedMongrel</a></li>
<li><a href="../../Rack/Handler/FastCGI.html">Rack::Handler::FastCGI</a></li>
<li><a href="../../Rack/Handler/LSWS.html">Rack::Handler::LSWS</a></li>
<li><a href="../../Rack/Handler/Mongrel.html">Rack::Handler::Mongrel</a></li>
<li><a href="../../Rack/Handler/SCGI.html">Rack::Handler::SCGI</a></li>
<li><a href="../../Rack/Handler/SwiftipliedMongrel.html">Rack::Handler::SwiftipliedMongrel</a></li>
<li><a href="../../Rack/Handler/Thin.html">Rack::Handler::Thin</a></li>
<li><a href="../../Rack/Handler/WEBrick.html">Rack::Handler::WEBrick</a></li>
<li><a href="../../Rack/Head.html">Rack::Head</a></li>
<li><a href="../../Rack/Lint.html">Rack::Lint</a></li>
<li><a href="../../Rack/Lobster.html">Rack::Lobster</a></li>
<li><a href="../../Rack/Lock.html">Rack::Lock</a></li>
<li><a href="../../Rack/Logger.html">Rack::Logger</a></li>
<li><a href="../../Rack/MethodOverride.html">Rack::MethodOverride</a></li>
<li><a href="../../Rack/Mime.html">Rack::Mime</a></li>
<li><a href="../../Rack/MockRequest.html">Rack::MockRequest</a></li>
<li><a href="../../Rack/MockRequest/FatalWarner.html">Rack::MockRequest::FatalWarner</a></li>
<li><a href="../../Rack/MockRequest/FatalWarning.html">Rack::MockRequest::FatalWarning</a></li>
<li><a href="../../Rack/MockResponse.html">Rack::MockResponse</a></li>
<li><a href="../../Rack/Multipart.html">Rack::Multipart</a></li>
<li><a href="../../Rack/Multipart/Generator.html">Rack::Multipart::Generator</a></li>
<li><a href="../../Rack/Multipart/MultipartPartLimitError.html">Rack::Multipart::MultipartPartLimitError</a></li>
<li><a href="../../Rack/Multipart/Parser.html">Rack::Multipart::Parser</a></li>
<li><a href="../../Rack/Multipart/UploadedFile.html">Rack::Multipart::UploadedFile</a></li>
<li><a href="../../Rack/NullLogger.html">Rack::NullLogger</a></li>
<li><a href="../../Rack/Recursive.html">Rack::Recursive</a></li>
<li><a href="../../Rack/Reloader.html">Rack::Reloader</a></li>
<li><a href="../../Rack/Reloader/Stat.html">Rack::Reloader::Stat</a></li>
<li><a href="../../Rack/Request.html">Rack::Request</a></li>
<li><a href="../../Rack/Response.html">Rack::Response</a></li>
<li><a href="../../Rack/Response/Helpers.html">Rack::Response::Helpers</a></li>
<li><a href="../../Rack/RewindableInput.html">Rack::RewindableInput</a></li>
<li><a href="../../Rack/RewindableInput/Tempfile.html">Rack::RewindableInput::Tempfile</a></li>
<li><a href="../../Rack/Runtime.html">Rack::Runtime</a></li>
<li><a href="../../Rack/Sendfile.html">Rack::Sendfile</a></li>
<li><a href="../../Rack/Server.html">Rack::Server</a></li>
<li><a href="../../Rack/Server/Options.html">Rack::Server::Options</a></li>
<li><a href="../../Rack/Session.html">Rack::Session</a></li>
<li><a href="../../Rack/Session/Abstract.html">Rack::Session::Abstract</a></li>
<li><a href="../../Rack/Session/Abstract/ID.html">Rack::Session::Abstract::ID</a></li>
<li><a href="../../Rack/Session/Abstract/SessionHash.html">Rack::Session::Abstract::SessionHash</a></li>
<li><a href="../../Rack/Session/Cookie.html">Rack::Session::Cookie</a></li>
<li><a href="../../Rack/Session/Cookie/Base64.html">Rack::Session::Cookie::Base64</a></li>
<li><a href="../../Rack/Session/Cookie/Base64/JSON.html">Rack::Session::Cookie::Base64::JSON</a></li>
<li><a href="../../Rack/Session/Cookie/Base64/Marshal.html">Rack::Session::Cookie::Base64::Marshal</a></li>
<li><a href="../../Rack/Session/Cookie/Base64/ZipJSON.html">Rack::Session::Cookie::Base64::ZipJSON</a></li>
<li><a href="../../Rack/Session/Cookie/Identity.html">Rack::Session::Cookie::Identity</a></li>
<li><a href="../../Rack/Session/Memcache.html">Rack::Session::Memcache</a></li>
<li><a href="../../Rack/Session/Pool.html">Rack::Session::Pool</a></li>
<li><a href="../../Rack/ShowExceptions.html">Rack::ShowExceptions</a></li>
<li><a href="../../Rack/ShowStatus.html">Rack::ShowStatus</a></li>
<li><a href="../../Rack/Static.html">Rack::Static</a></li>
<li><a href="../../Rack/TempfileReaper.html">Rack::TempfileReaper</a></li>
<li><a href="../../Rack/URLMap.html">Rack::URLMap</a></li>
<li><a href="../../Rack/Utils.html">Rack::Utils</a></li>
<li><a href="../../Rack/Utils/Context.html">Rack::Utils::Context</a></li>
<li><a href="../../Rack/Utils/HeaderHash.html">Rack::Utils::HeaderHash</a></li>
<li><a href="../../Rack/Utils/InvalidParameterError.html">Rack::Utils::InvalidParameterError</a></li>
<li><a href="../../Rack/Utils/KeySpaceConstrainedParams.html">Rack::Utils::KeySpaceConstrainedParams</a></li>
<li><a href="../../Rack/Multipart.html">Rack::Utils::Multipart</a></li>
<li><a href="../../Rack/Utils/OkJson.html">Rack::Utils::OkJson</a></li>
<li><a href="../../Rack/Utils/OkJson/Error.html">Rack::Utils::OkJson::Error</a></li>
<li><a href="../../Rack/Utils/OkJson/Utf8Error.html">Rack::Utils::OkJson::Utf8Error</a></li>
<li><a href="../../Rack/Utils/ParameterTypeError.html">Rack::Utils::ParameterTypeError</a></li>
<li><a href="../../FCGI.html">FCGI</a></li>
<li><a href="../../FCGI/Stream.html">FCGI::Stream</a></li>
<li><a href="../../WEBrick.html">WEBrick</a></li>
<li><a href="../../WEBrick/HTTPResponse.html">WEBrick::HTTPResponse</a></li>
<li><a href="../../Object.html">Object</a></li>
</ul>
<div id="no-class-search-results" style="display: none;">No matching classes.</div>
</div>
</div>
</div>
<div id="documentation">
<h1 class="class">Rack::Session::Cookie</h1>
<div id="description" class="description">
<p><a href="Cookie.html">Rack::Session::Cookie</a> provides simple cookie
based session management. By default, the session is a Ruby Hash stored as
base64 encoded marshalled data set to :key (default: rack.session). The
object that encodes the session data is configurable and must respond to
<tt>encode</tt> and <tt>decode</tt>. Both methods must take a string and
return a string.</p>
<p>When the secret key is set, cookie data is checked for data integrity. The
old secret key is also accepted and allows graceful secret rotation.</p>
<p>Example:</p>
<pre>use Rack::Session::Cookie, :key => 'rack.session',
:domain => 'foo.com',
:path => '/',
:expire_after => 2592000,
:secret => 'change_me',
:old_secret => 'also_change_me'
All parameters are optional.</pre>
<p>Example of a cookie with no encoding:</p>
<pre>Rack::Session::Cookie.new(application, {
:coder => Rack::Session::Cookie::Identity.new
})</pre>
<p>Example of a cookie with custom encoding:</p>
<pre>Rack::Session::Cookie.new(application, {
:coder => Class.new {
def encode(str); str.reverse; end
def decode(str); str.reverse; end
}.new
})</pre>
</div><!-- description -->
<div id="5Buntitled-5D" class="documentation-section">
<!-- Attributes -->
<div id="attribute-method-details" class="method-section section">
<h3 class="section-header">Attributes</h3>
<div id="coder-attribute-method" class="method-detail">
<a name="coder"></a>
<div class="method-heading attribute-method-heading">
<span class="method-name">coder</span><span
class="attribute-access-type">[R]</span>
</div>
<div class="method-description">
</div>
</div>
</div><!-- attribute-method-details -->
<!-- Methods -->
<div id="public-class-method-details" class="method-section section">
<h3 class="section-header">Public Class Methods</h3>
<div id="new-method" class="method-detail ">
<a name="method-c-new"></a>
<div class="method-heading">
<span class="method-name">new</span><span
class="method-args">(app, options={})</span>
<span class="method-click-advice">click to toggle source</span>
</div>
<div class="method-description">
<div class="method-source-code" id="new-source">
<pre>
<span class="ruby-comment"># File lib/rack/session/cookie.rb, line 105</span>
<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">app</span>, <span class="ruby-identifier">options</span>={})
<span class="ruby-ivar">@secrets</span> = <span class="ruby-identifier">options</span>.<span class="ruby-identifier">values_at</span>(<span class="ruby-value">:secret</span>, <span class="ruby-value">:old_secret</span>).<span class="ruby-identifier">compact</span>
<span class="ruby-identifier">warn</span> <span class="ruby-string"> SECURITY WARNING: No secret option provided to Rack::Session::Cookie. This poses a security threat. It is strongly recommended that you provide a secret to prevent exploits that may be possible from crafted cookies. This will not be supported in future versions of Rack, and future versions will even invalidate your existing user cookies. Called from: #{caller[0]}.</span> <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@secrets</span>.<span class="ruby-identifier">size</span> <span class="ruby-operator">>=</span> <span class="ruby-value">1</span>
<span class="ruby-ivar">@coder</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:coder</span>] <span class="ruby-operator">||=</span> <span class="ruby-constant">Base64</span><span class="ruby-operator">::</span><span class="ruby-constant">Marshal</span>.<span class="ruby-identifier">new</span>
<span class="ruby-keyword">super</span>(<span class="ruby-identifier">app</span>, <span class="ruby-identifier">options</span>.<span class="ruby-identifier">merge!</span>(<span class="ruby-value">:cookie_only</span> =<span class="ruby-operator">></span> <span class="ruby-keyword">true</span>))
<span class="ruby-keyword">end</span></pre>
</div><!-- new-source -->
</div>
</div><!-- new-method -->
</div><!-- public-class-method-details -->
</div><!-- 5Buntitled-5D -->
</div><!-- documentation -->
<div id="validator-badges">
<p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
<p><small>Generated with the <a href="http://deveiate.org/projects/Darkfish-Rdoc/">Darkfish
Rdoc Generator</a> 2</small>.</p>
</div>
</body>
</html>
|