Class: RuboCop::Cop::Legion::Framework::SinatraHostAuth

Inherits:

Base

Object
Base
RuboCop::Cop::Legion::Framework::SinatraHostAuth

show all

Defined in:: lib/rubocop/cop/legion/framework/sinatra_host_auth.rb

Overview

Detects Sinatra::Base subclasses that do not call ‘set :host_authorization`. Sinatra 4.0+ rejects all requests without this configuration, returning HTTP 403.

Examples:

# bad
class MyApp < Sinatra::Base
  get '/' do
    'hello'
  end
end

# good
class MyApp < Sinatra::Base
  set :host_authorization, permitted: :any

  get '/' do
    'hello'
  end
end

Constant Summary collapse

MSG =

'Sinatra 4.0+ requires `set :host_authorization, permitted: :any` or all requests get 403.'

SEVERITY =

:convention

Instance Method Summary collapse

#on_class(node) ⇒ Object

Instance Method Details

#on_class(node) ⇒ `Object`

# File 'lib/rubocop/cop/legion/framework/sinatra_host_auth.rb', line 31

def on_class(node)
  return unless sinatra_base_subclass?(node)
  return if body_sets_host_authorization?(node)

  add_offense(node, severity: SEVERITY)
end