Module: Otto::RequestHelpers

Defined in:
lib/otto/helpers/request.rb

Instance Method Summary collapse

Instance Method Details

#absolute_suri(host = current_server_name) ⇒ Object 



62
63
64
65
 
# File 'lib/otto/helpers/request.rb', line 62

def absolute_suri(host = current_server_name)
  prefix = local? ? 'http://' : 'https://'
  [prefix, host, request_path].join
end

#ajax?Boolean

See: stackoverflow.com/questions/10013812/how-to-prevent-jquery-ajax-from-following-a-redirect-after-a-post

Returns:

  • (Boolean) 


93
94
95
 
# File 'lib/otto/helpers/request.rb', line 93

def ajax?
  env['HTTP_X_REQUESTED_WITH'].to_s.downcase == 'xmlhttprequest'
end

#client_ipaddressObject 



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
 
# File 'lib/otto/helpers/request.rb', line 9

def client_ipaddress
  remote_addr = env['REMOTE_ADDR']

  # If we don't have a security config or trusted proxies, use direct connection
  if !otto_security_config || !trusted_proxy?(remote_addr)
    return validate_ip_address(remote_addr)
  end

  # Check forwarded headers from trusted proxies
  forwarded_ips = [
    env['HTTP_X_FORWARDED_FOR'],
    env['HTTP_X_REAL_IP'],
    env['HTTP_CLIENT_IP'],
  ].compact.map { |header| header.split(/,\s*/) }.flatten

  # Return the first valid IP that's not a private/loopback address
  forwarded_ips.each do |ip|
    clean_ip = validate_ip_address(ip.strip)
    return clean_ip if clean_ip && !private_ip?(clean_ip)
  end

  # Fallback to remote address
  validate_ip_address(remote_addr)
end

#cookie(name) ⇒ Object 



97
98
99
 
# File 'lib/otto/helpers/request.rb', line 97

def cookie(name)
  cookies[name.to_s]
end

#cookie?(name) ⇒ Boolean

Returns:

  • (Boolean) 


101
102
103
 
# File 'lib/otto/helpers/request.rb', line 101

def cookie?(name)
  !cookie(name).to_s.empty?
end

#current_absolute_uriObject 



105
106
107
108
 
# File 'lib/otto/helpers/request.rb', line 105

def current_absolute_uri
  prefix = secure? && !local? ? 'https://' : 'http://'
  [prefix, http_host, request_path].join
end

#current_serverObject 



38
39
40
 
# File 'lib/otto/helpers/request.rb', line 38

def current_server
  [current_server_name, env['SERVER_PORT']].join(':')
end

#current_server_nameObject 



42
43
44
 
# File 'lib/otto/helpers/request.rb', line 42

def current_server_name
  env['SERVER_NAME']
end

#http_hostObject 



46
47
48
 
# File 'lib/otto/helpers/request.rb', line 46

def http_host
  env['HTTP_HOST']
end

#local?Boolean

Returns:

  • (Boolean) 


67
68
69
70
71
72
73
74
 
# File 'lib/otto/helpers/request.rb', line 67

def local?
  return false unless Otto.env?(:dev, :development)

  ip = client_ipaddress
  return false unless ip

  local_or_private_ip?(ip)
end

#request_methodObject 



34
35
36
 
# File 'lib/otto/helpers/request.rb', line 34

def request_method
  env['REQUEST_METHOD']
end

#request_pathObject 



50
51
52
 
# File 'lib/otto/helpers/request.rb', line 50

def request_path
  env['REQUEST_PATH']
end

#request_uriObject 



54
55
56
 
# File 'lib/otto/helpers/request.rb', line 54

def request_uri
  env['REQUEST_URI']
end

#root_pathObject 



58
59
60
 
# File 'lib/otto/helpers/request.rb', line 58

def root_path
  env['SCRIPT_NAME']
end

#secure?Boolean

Returns:

  • (Boolean) 


76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
 
# File 'lib/otto/helpers/request.rb', line 76

def secure?
  # Check direct HTTPS connection
  return true if env['HTTPS'] == 'on' || env['SERVER_PORT'] == '443'

  remote_addr = env['REMOTE_ADDR']

  # Only trust forwarded proto headers from trusted proxies
  if otto_security_config && trusted_proxy?(remote_addr)
    # X-Scheme is set by nginx
    # X-FORWARDED-PROTO is set by elastic load balancer
    return env['HTTP_X_FORWARDED_PROTO'] == 'https' || env['HTTP_X_SCHEME'] == 'https'
  end

  false
end

#user_agentObject 



5
6
7
 
# File 'lib/otto/helpers/request.rb', line 5

def user_agent
  env['HTTP_USER_AGENT']
end