Fix bug where cookies mutated by request were not persisted
With changes made in 8363b8 and ae29142
cookies that are mutated on the
request like `cookies.signed = x` were not retained in subsequent tests,
breaking cookie authentiation in controller tests.
The test added demonstrates the issue.
The reason we need to select from non-deleted cookies is because without
checking the `@delete_cookies` the `cookie_jar` `@cookies` will send the
wrong cookies to be updated. The code must check for `@deleted_cookies`
before sending an `#update` with the requests cookie_jar cookies.
This follows how the cookie_jar cookies from the request were updated
before these changes.
This commit is contained in:
parent
8ce0fdb5c4
commit
75a121a2c5
|
@ -476,6 +476,7 @@ module ActionController
|
|||
end
|
||||
|
||||
self.cookies.update @request.cookies
|
||||
self.cookies.update_cookies_from_jar
|
||||
@request.set_header 'HTTP_COOKIE', cookies.to_header
|
||||
@request.delete_header 'action_dispatch.cookies'
|
||||
|
||||
|
|
|
@ -319,6 +319,13 @@ module ActionDispatch
|
|||
self
|
||||
end
|
||||
|
||||
def update_cookies_from_jar
|
||||
request_jar = @request.cookie_jar.instance_variable_get(:@cookies)
|
||||
set_cookies = request_jar.reject { |k,_| @delete_cookies.key?(k) }
|
||||
|
||||
@cookies.update set_cookies if set_cookies
|
||||
end
|
||||
|
||||
def to_header
|
||||
@cookies.map { |k,v| "#{k}=#{v}" }.join ';'
|
||||
end
|
||||
|
|
|
@ -653,6 +653,15 @@ class CookiesTest < ActionController::TestCase
|
|||
end
|
||||
end
|
||||
|
||||
def test_cookie_jar_mutated_by_request_persists_on_future_requests
|
||||
get :authenticate
|
||||
cookie_jar = @request.cookie_jar
|
||||
cookie_jar.signed[:user_id] = 123
|
||||
assert_equal ["user_name", "user_id"], @request.cookie_jar.instance_variable_get(:@cookies).keys
|
||||
get :get_signed_cookie
|
||||
assert_equal ["user_name", "user_id"], @request.cookie_jar.instance_variable_get(:@cookies).keys
|
||||
end
|
||||
|
||||
def test_raises_argument_error_if_missing_secret
|
||||
assert_raise(ArgumentError, nil.inspect) {
|
||||
@request.env["action_dispatch.key_generator"] = ActiveSupport::LegacyKeyGenerator.new(nil)
|
||||
|
|
Loading…
Reference in New Issue