Security News
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
A clarification on our recent research investigating 60 malicious Ruby gems.
By Sarah Gooding - Aug 22, 2025
rack-user-locale
Rack User Locale
A Rack module for getting and setting a user's locale via a cookie or browser default language.
Requirements
- Ruby >= 3.0
For Ruby < 3.0 use version 2.0.1.
Installation
In a Gemfile:
gem 'rack-user-locale', require: "user_locale"
Usage
Add the following line to your Rack application
use Rack::UserLocale
and thats it!!
Your application will now attempt to set the I18n.locale value based on the following:
- Whether a user has a
user-localecookie set - The "HTTP_ACCEPT_LANGUAGE" value. If there are multiple values it will attempt to set the one ranked highest
- The I18n.default_locale value (basically a fallback)
Note:
The user locale detection is done on every Rack::Request, which would include all of the non Ruby/Rack actions like .css or .js files.
If you don't want this happen then you can use Rack::Static in your application and filter out which files Rack should serve up statically.
Something like this:
use Rack::Static, urls: ["/css", "/js"], root: "public"
This would serve anything in your public folder statically and wouldn't create a Rack::Request.
See the Rack::Static docs for more info.
Options
Accepted Locales
use Rack::UserLocale, accepted_locales: [:de, :en, :es, :fr, :ja, :pt, :zh] #(whatever codes you support)
If this option is supplied the users locale will either be set to one of the accepted locales in the array, otherwise it will be set to the I18n.default_locale value.
Should you wish to overwrite a users locale value at any point in your application, like for changing language prefs, then simple rewrite the user-locale cookie with a new value.
Cookie Name
If you don't want to use the default cookie name of user-locale, you can set it to something else by passing a cookie_name option.
use Rack::UserLocale, cookie_name: "some-cookie-name"
Inspiration
Credit to these gems for pointing me in the direction I wanted to go in...
- https://github.com/rack/rack-contrib/blob/main/lib/rack/contrib/locale.rb
- https://github.com/jeremyvdw/rack-locale-selector
- https://github.com/jeffersongirao/rack-locale_chooser
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/technicalpanda/rack-user-locale. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.
License
The gem is available as open source under the terms of the MIT License.
Code of Conduct
Everyone interacting with this project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.
FAQs
Unknown package
We found that rack-user-locale demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 06 May 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ESLint Adds Support for Parallel Linting, Closing 10-Year-Old Feature Request
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.
By Sarah Gooding - Aug 22, 2025
Research
/Security News
Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram
A malicious Go module posing as an SSH brute forcer exfiltrates stolen credentials to a Telegram bot controlled by a Russian-speaking threat actor.
By Kirill Boychenko - Aug 21, 2025