1 files changed, 29 insertions, 0 deletions

diff --git a/lib/whatdotheyknow/strip_empty_sessions.rb b/lib/whatdotheyknow/strip_empty_sessions.rb
new file mode 100644
index 000000000..9c87a4bbc
--- /dev/null
+++ b/lib/whatdotheyknow/strip_empty_sessions.rb
@@ -0,0 +1,29 @@
+module WhatDoTheyKnow
+  
+  class StripEmptySessions
+    ENV_SESSION_KEY = "rack.session".freeze
+    HTTP_SET_COOKIE = "Set-Cookie".freeze
+    STRIPPABLE_KEYS = [:session_id, :_csrf_token]
+
+    def initialize(app, options = {})
+      @app = app
+      @options = options
+    end
+
+    def call(env)
+      status, headers, body = @app.call(env)
+      session_data = env[ENV_SESSION_KEY]
+      set_cookie = headers[HTTP_SET_COOKIE]
+      if session_data
+        if (session_data.keys - STRIPPABLE_KEYS).empty?
+          if set_cookie.is_a? Array
+            set_cookie.reject! {|c| c.match(/^\n?#{@options[:key]}=/)}
+          elsif set_cookie.is_a? String
+            headers[HTTP_SET_COOKIE].gsub!( /(^|\n)#{@options[:key]}=.*?(\n|$)/, "" )
+          end
+        end
+      end
+      [status, headers, body]
+    end
+  end
+end