{"id":15432445,"url":"https://github.com/icoretech/rack-strip-cookies","last_synced_at":"2025-10-11T09:32:23.663Z","repository":{"id":11748114,"uuid":"14277998","full_name":"icoretech/rack-strip-cookies","owner":"icoretech","description":"💎 Rack middleware to remove cookies at user-defined paths","archived":false,"fork":false,"pushed_at":"2025-09-28T18:16:15.000Z","size":52,"stargazers_count":7,"open_issues_count":1,"forks_count":4,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-10-09T19:19:56.483Z","etag":null,"topics":["gem","rack","ruby","ruby-on-rails"],"latest_commit_sha":null,"homepage":"https://rubygems.org/gems/rack-strip-cookies","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/icoretech.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2013-11-10T14:49:06.000Z","updated_at":"2025-09-28T18:15:41.000Z","dependencies_parsed_at":"2024-09-16T10:23:15.120Z","dependency_job_id":null,"html_url":"https://github.com/icoretech/rack-strip-cookies","commit_stats":{"total_commits":59,"total_committers":6,"mean_commits":9.833333333333334,"dds":0.2542372881355932,"last_synced_commit":"d4a0f8caad0311c6c7dc3a87c96a86f46885e38f"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/icoretech/rack-strip-cookies","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icoretech%2Frack-strip-cookies","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icoretech%2Frack-strip-cookies/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icoretech%2Frack-strip-cookies/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icoretech%2Frack-strip-cookies/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/icoretech","download_url":"https://codeload.github.com/icoretech/rack-strip-cookies/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/icoretech%2Frack-strip-cookies/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279006752,"owners_count":26084180,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-11T02:00:06.511Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gem","rack","ruby","ruby-on-rails"],"created_at":"2024-10-01T18:26:36.350Z","updated_at":"2025-10-11T09:32:23.368Z","avatar_url":"https://github.com/icoretech.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Rack::StripCookies\n\nRack::StripCookies is a straightforward Rack middleware that deletes cookies at designated paths, including support for wildcard patterns. This allows for flexible and selective cookie management across various parts of your application.\n\n[![Gem Version](https://badge.fury.io/rb/rack-strip-cookies.svg)](https://badge.fury.io/rb/rack-strip-cookies)\n![Git Tag](http://img.shields.io/github/tag/icoretech/rack-strip-cookies.svg)\n![Licence](http://img.shields.io/badge/license-MIT-brightgreen.svg)\n[![Build Status](https://github.com/icoretech/rack-strip-cookies/actions/workflows/release.yml/badge.svg)](https://github.com/icoretech/rack-strip-cookies/actions/workflows/release.yml)\n\n## Table of Contents\n\n- [Getting Started](#getting-started)\n  - [Installation](#installation)\n- [Overview](#overview)\n- [Usage Scenarios](#usage-scenarios)\n- [Usage Examples](#usage-examples)\n  - [Using with Rack Alone](#using-with-rack-alone)\n  - [Integrating with Ruby on Rails](#integrating-with-ruby-on-rails)\n  - [Using with Sinatra](#using-with-sinatra)\n  - [Using with Padrino](#using-with-padrino)\n  - [Advanced Configuration Options](#advanced-configuration-options)\n    - [Wildcard Path Patterns](#wildcard-path-patterns)\n    - [Inverting Path Matching](#inverting-path-matching)\n    - [Multiple Paths](#multiple-paths)\n  - [Combining with Other Middleware](#combining-with-other-middleware)\n- [Running Tests Locally](#running-tests-locally)\n- [How to Contribute](#how-to-contribute)\n- [License](#license)\n- [Contact](#contact)\n\n## Getting Started\n\n### Installation\n\nTo include this gem in your project, add the following line to your `Gemfile`:\n\n```ruby\ngem 'rack-strip-cookies', '~\u003e 2.0.0'\n```\n\nThen, run the bundle command:\n\n```sh\nbundle install\n```\n\n## Overview\n\nThe primary aim of this gem is to not only prevent a client from receiving a cookie through the `Set-Cookie` header but also to eliminate cookies sent in the request. Consequently, provided the middleware is correctly positioned in the stack, any cookies sent by the client will not reach your application layer.\n\n## Usage Scenarios\n\n- **Defective Third-Party Libraries**: If a third-party library in your application is defective and throws an exception when cookies are present in a request (e.g., an authentication engine), this gem can be helpful.\n- **Disable Session Cookies**: Provides a simple solution if you need to disable session cookies in your framework.\n- **Selective Cookie Management**: Allows you to selectively disable cookies on specific paths or patterns, which can be configured when integrating the middleware.\n\n## Usage Examples\n\n### Using with Rack Alone\n\nIf you're building a Rack-based application without any specific framework, integrating `Rack::StripCookies` is straightforward.\n\n```ruby\n# config.ru\nrequire 'rack'\nrequire 'rack/strip-cookies'\n\n# Define your main application\napp = Proc.new do |env|\n  headers = { \"Content-Type\" =\u003e \"text/html\" }\n  headers[\"Set-Cookie\"] = \"user_id=12345; path=/dashboard; HttpOnly\"\n  [200, headers, [\"Welcome to the Dashboard\"]]\nend\n\n# Use the StripCookies middleware\nuse Rack::StripCookies, paths: ['/dashboard']\n\nrun app\n```\n\n**Explanation:**\n\n- The middleware is configured to strip cookies for the `/dashboard` path.\n- When a request is made to `/dashboard`, cookies will be stripped from both the request and response.\n\n### Integrating with Ruby on Rails\n\nTo integrate `Rack::StripCookies` into a Ruby on Rails application, follow these steps:\n\n1. **Add the Middleware**\n\n   Open `config/application.rb` and add the middleware to the stack:\n\n   ```ruby\n   # config/application.rb\n   module YourApp\n     class Application \u003c Rails::Application\n       # Insert Rack::StripCookies before ActionDispatch::Cookies\n       config.middleware.insert_before(ActionDispatch::Cookies, Rack::StripCookies, paths: ['/oauth2/token'])\n     end\n   end\n   ```\n\n2. **Configure in Specific Environments (Optional)**\n\n   If you want to enable the middleware only in certain environments (e.g., production), modify the corresponding environment file:\n\n   ```ruby\n   # config/environments/production.rb\n   Rails.application.configure do\n     config.middleware.insert_before(ActionDispatch::Cookies, Rack::StripCookies, paths: ['/oauth2/token'])\n   end\n   ```\n\n3. **Verify Middleware Order**\n\n   To confirm the middleware's position in the stack, run:\n\n   ```sh\n   bin/rails middleware\n   ```\n\n   Ensure that `Rack::StripCookies` appears before `ActionDispatch::Cookies`.\n\n### Using with Sinatra\n\nIf you're using Sinatra, you can integrate the middleware as follows:\n\n```ruby\n# app.rb\nrequire 'sinatra'\nrequire 'rack/strip-cookies'\n\nuse Rack::StripCookies, paths: ['/admin']\n\nget '/' do\n  headers \"Set-Cookie\" =\u003e \"session=abc123; path=/admin; HttpOnly\"\n  \"Welcome to the Home Page\"\nend\n\nget '/admin' do\n  \"Admin Dashboard\"\nend\n\n# To run the app:\n# ruby app.rb\n```\n\n**Explanation:**\n\n- The middleware is set to strip cookies for the `/admin` path.\n- Requests to `/admin` will have cookies removed from both the request and response.\n\n### Using with Padrino\n\nWhile the primary integrations are with Rack-based frameworks like Ruby on Rails and Sinatra, `Rack::StripCookies` can be used with any Rack-compatible framework. Here's a brief example with **Padrino**:\n\n```ruby\n# config/apps.rb\nPadrino.configure_apps do\n  use Rack::StripCookies, paths: ['/api/v1/auth']\nend\n```\n\n**Explanation:**\n\n- The middleware strips cookies for the `/api/v1/auth` path within a Padrino application.\n\n### Advanced Configuration Options\n\n`Rack::StripCookies` provides additional configuration options to customize its behavior further.\n\n#### Wildcard Path Patterns\n\nYou can define wildcard patterns to strip cookies from multiple subpaths matching a specific pattern.\n\n```ruby\nuse Rack::StripCookies, paths: ['/api/*', '/admin/*']\n```\n\n**Explanation:**\n\n- **`/api/*`**: Strips cookies from `/api/`, `/api/users`, `/api/v1/orders`, etc.\n- **`/admin/*`**: Strips cookies from `/admin/`, `/admin/settings`, `/admin/users/list`, etc.\n\n**Example Usage with Wildcards:**\n\n```ruby\n# config.ru\nrequire 'rack'\nrequire 'rack/strip-cookies'\n\napp = Proc.new do |env|\n  headers = { \"Content-Type\" =\u003e \"text/html\" }\n  headers[\"Set-Cookie\"] = \"user_id=12345; path=#{env['PATH_INFO']}; HttpOnly\"\n  [200, headers, [\"Welcome\"]]\nend\n\nuse Rack::StripCookies, paths: ['/api/*', '/admin/*']\n\nrun app\n```\n\n#### Inverting Path Matching\n\nYou can invert the path matching logic to strip cookies on all paths *except* the ones specified.\n\n```ruby\nuse Rack::StripCookies, paths: ['/public/*', '/health'], invert: true\n```\n\n**Explanation:**\n\n- Cookies will be stripped from all paths **except** those matching `/public/*` (e.g., `/public/images`, `/public/css`) and the exact path `/health`.\n\n#### Multiple Paths\n\nSpecify multiple exact paths and wildcard patterns where cookies should be stripped.\n\n```ruby\nuse Rack::StripCookies, paths: ['/login', '/signup', '/dashboard/*']\n```\n\n**Explanation:**\n\n- Cookies will be stripped from `/login`, `/signup`, and any subpath under `/dashboard/` (e.g., `/dashboard/settings`, `/dashboard/profile`).\n\n### Combining with Other Middleware\n\nYou can combine `Rack::StripCookies` with other Rack middleware to build a robust middleware stack.\n\n```ruby\nuse Rack::Logger\nuse Rack::StripCookies, paths: ['/secure', '/private/*']\nuse Rack::Static, urls: ['/images'], root: 'public'\nuse Rack::Session::Cookie, secret: 'your_secret_key'\n\nrun YourApp::Application\n```\n\n**Explanation:**\n\n- **`Rack::Logger`**: Logs each request.\n- **`Rack::StripCookies`**: Strips cookies for `/secure` and any subpaths under `/private/`.\n- **`Rack::Static`**: Serves static files from the `public` directory.\n- **`Rack::Session::Cookie`**: Manages session cookies with a secret key.\n\n## Running Tests Locally\n\nTo run the test suite on your local machine, follow these steps:\n\n1. **Install Dependencies**\n\n   Ensure you have the necessary Ruby version installed. You can use a version manager like `rbenv` or `rvm` to switch Ruby versions.\n\n   ```sh\n   bundle install\n   ```\n\n2. **Set Rack Version (Optional)**\n\n   By default, tests run against the `rack` gem version specified in your `Gemfile`. To test against a different version or branch, set the `RACK` environment variable.\n\n   ```sh\n   export RACK=3-0-stable\n   ```\n\n3. **Run Tests**\n\n   Execute the test suite using Rake:\n\n   ```sh\n   bundle exec rake test\n   ```\n\n**Note:** Ensure you have `minitest` and other testing dependencies installed.\n\n## How to Contribute\n\nWe welcome contributions to improve this project. Here's how you can participate:\n\n1. Fork this repository.\n2. Create a new feature branch on your local copy (`git checkout -b my-new-feature`).\n3. Commit your changes (`git commit -am 'Add some feature'`).\n4. Push your branch to your forked repository (`git push origin my-new-feature`).\n5. Open a new Pull Request on this repository for us to review and merge your changes.\n\n## License\n\nThis project is licensed under the [MIT License](LICENSE).\n\n## Contact\n\nFor any questions or suggestions, feel free to open an issue or contact the maintainers.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ficoretech%2Frack-strip-cookies","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ficoretech%2Frack-strip-cookies","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ficoretech%2Frack-strip-cookies/lists"}