1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
# frozen_string_literal: true
require_relative 'suggestion'
module Tooling
module Danger
class CookieSetting < Suggestion
MATCH = %r{cookies(?:\.encrypted|\.signed|\.permanent)*\[([^\]]+)\]\s*=[^=]}
REPLACEMENT = nil
DOCUMENTATION_LINK = 'https://docs.gitlab.com/ee/development/cookies.html#cookies-on-rails'
SUGGESTION = <<~MESSAGE_MARKDOWN.freeze
It looks like you are setting a server-side cookie. Please note that if you set
the `:domain` attribute for this cookie, you must ensure the cookie is unset when
the user logs out. Most cookies do not require this attribute.
----
For more information, see [cookies documentation](#{DOCUMENTATION_LINK}).
MESSAGE_MARKDOWN
end
end
end
|
