1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

PR #10635 introduces rescue from ArgumentError thrown by Base64.strict_decode64.

This broke natural order of things for `StaleSessionCheck#stale_session_check!` which tried auto_loading a class based on `ArgumentError` message , and later retrying the `Marshal#load` of class, successfully allowing auto_loading.

  This PR tries to fix this behavior by forwarding `ArgumentError` 's not raised  by `Base64.strict_decode64` , as is, ahead to `StaleSessionCheck#stale_session_check!`
This commit is contained in:
Vipul A M 2013-12-08 00:26:09 +05:30
parent 76dae289ed
commit 1f80e8d685
2 changed files with 17 additions and 2 deletions

View file

@ -39,8 +39,9 @@ module ActiveSupport
if data.present? && digest.present? && secure_compare(digest, generate_digest(data))
begin
@serializer.load(::Base64.strict_decode64(data))
rescue ArgumentError
raise InvalidSignature
rescue ArgumentError => argument_error
raise InvalidSignature if argument_error.message =~ %r{invalid base64}
raise
end
else
raise InvalidSignature

View file

@ -55,6 +55,20 @@ class MessageVerifierTest < ActiveSupport::TestCase
ActiveSupport.use_standard_json_time_format = prev
end
def test_raise_error_when_argument_class_is_not_loaded
# To generate the valid message below:
#
# AutoloadClass = Struct.new(:foo)
# valid_message = @verifier.generate(foo: AutoloadClass.new('foo'))
#
valid_message = "BAh7BjoIZm9vbzonTWVzc2FnZVZlcmlmaWVyVGVzdDo6QXV0b2xvYWRDbGFzcwY6CUBmb29JIghmb28GOgZFVA==--f3ef39a5241c365083770566dc7a9eb5d6ace914"
exception = assert_raise(ArgumentError, NameError) do
@verifier.verify(valid_message)
end
assert_includes ["uninitialized constant MessageVerifierTest::AutoloadClass",
"undefined class/module MessageVerifierTest::AutoloadClass"], exception.message
end
def assert_not_verified(message)
assert_raise(ActiveSupport::MessageVerifier::InvalidSignature) do
@verifier.verify(message)