The current implementation allows for the path configuration option to be a string; this string is then checked to see if the request path is prefixed by this string, and if not, the request is ignored.
Instead of that, what if there was a handler configuration option which accepted a block and was passed the request? If the result of evaluating the block is true, the resource for this request is considered protected; otherwise, it isn't. The default implementation of handler is to check whether the request is under the protected path or not.
This would allow for protection of resources in a manner other than only one path (e.g. if the resource is under any one of a discrete set of paths, or if you're asking for a particular form of a resource, or if your request is to transmit a normally encrypted resource in an unencrypted manner, etc.).
The current implementation allows for the
pathconfiguration option to be a string; this string is then checked to see if the request path is prefixed by this string, and if not, the request is ignored.Instead of that, what if there was a
handlerconfiguration option which accepted a block and was passed the request? If the result of evaluating the block is true, the resource for this request is considered protected; otherwise, it isn't. The default implementation ofhandleris to check whether the request is under the protectedpathor not.This would allow for protection of resources in a manner other than only one path (e.g. if the resource is under any one of a discrete set of paths, or if you're asking for a particular form of a resource, or if your request is to transmit a normally encrypted resource in an unencrypted manner, etc.).