Rack::StripCookies is a straightforward Rack middleware that deletes cookies at designated paths.
To include this gem in your project, add the following line to your Gemfile:
gem 'rack-strip-cookies', '~> 1.0.5'
Then, run the bundle command:
bundle
The primary aim of this gem is to not only prevent a client from receiving a cookie through the Set-Cookie
header, but also to eliminate cookies sent in the request.
Consequently, provided the middleware is correctly positioned in the stack, any cookies sent by the client will not reach your application layer.
- If a third-party library in your application is defective and throws an exception when cookies are present in a request (e.g., an authentication engine), this gem can be helpful.
- This gem provides a simple solution if you need to disable session cookies in your framework.
- It allows you to selectively disable cookies on specific paths, which can be configured when integrating the middleware.
If you want to make this middleware available across all environments, open config/application.rb
and add the following line in class Application < Rails::Application
:
config.middleware.insert_before(ActionDispatch::Cookies, Rack::StripCookies, paths: %w(/oauth2/token))
If you wish to enable the middleware only in certain environments, modify the corresponding environment files.
To confirm the middleware's position, run the rake middleware
command in the root directory of your application.
We welcome contributions to improve this project. Here's how you can participate:
- Fork this repository.
- Create a new feature branch on your local copy (
git checkout -b my-new-feature
). - Commit your changes (
git commit -am 'Add some feature'
). - Push your branch to your forked repository (
git push origin my-new-feature
). - Open a new Pull Request on this repository for us to review and merge your changes.