kotovalexarian-likes-github
/
rails--rails
mirror of https://github.com/rails/rails.git
1
0
Fork 0
Code Releases Activity

Added a warning about serializing data with JSON cookie jars [skip ci] 

Closes #14409
This commit is contained in:
Godfrey Chan 2014-03-19 15:19:44 -07:00
parent c7a307ccd1
commit 3dad856a1a
2 changed files with 48 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
guides/source/action_controller_overview.md
View File

@ -619,6 +619,30 @@ It is also possible to pass a custom serializer that responds to `load` and
Rails.application.config.action_dispatch.cookies_serializer = MyCustomSerializer
```
When using the `:json` or `:hybrid` serializer, you should beware that not all
Ruby objects can be serialized as JSON. For example, `Date` and `Time` objects
will be serialized as strings, and `Hash`es will have their keys stringified.
```ruby
class CookiesController < ApplicationController
def set_cookie
cookies.encrypted[:expiration_date] = Date.tomorrow # => Thu, 20 Mar 2014
redirect_to action: 'read_cookie'
end
def read_cookie
cookies.encrypted[:expiration_date] # => "2014-03-20"
end
end
```
It's advisable that you only store simple data (strings and numbers) in cookies.
If you have to store complex objects, you would need to handle the conversion
manually when reading the values on subsequent requests.
If you use the cookie session store, this would apply to the `session` and
`flash` hash as well.
Rendering XML and JSON data
---------------------------

24
guides/source/upgrading_ruby_on_rails.md
View File

@ -111,6 +111,30 @@ in your application, you can add an initializer file with the following content:
This would transparently migrate your existing `Marshal`-serialized cookies into the
new `JSON`-based format.
When using the `:json` or `:hybrid` serializer, you should beware that not all
Ruby objects can be serialized as JSON. For example, `Date` and `Time` objects
will be serialized as strings, and `Hash`es will have their keys stringified.
```ruby
class CookiesController < ApplicationController
def set_cookie
cookies.encrypted[:expiration_date] = Date.tomorrow # => Thu, 20 Mar 2014
redirect_to action: 'read_cookie'
end
def read_cookie
cookies.encrypted[:expiration_date] # => "2014-03-20"
end
end
```
It's advisable that you only store simple data (strings and numbers) in cookies.
If you have to store complex objects, you would need to handle the conversion
manually when reading the values on subsequent requests.
If you use the cookie session store, this would apply to the `session` and
`flash` hash as well.
### Flash structure changes
Flash message keys are