From 94b313db8d672a57ad5deb63203e334fe1184b84 Mon Sep 17 00:00:00 2001 From: Kasper Timm Hansen Date: Sun, 6 Sep 2015 17:49:12 +0200 Subject: [PATCH] Add commit in the EncryptedCookieJar Gets rid of the option parsing and makes what the encryptor does stand out. --- .../lib/action_dispatch/middleware/cookies.rb | 24 ++++++------------- 1 file changed, 7 insertions(+), 17 deletions(-) diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index bbfd46e891..d863d84a1c 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -541,12 +541,11 @@ module ActionDispatch end end - class EncryptedCookieJar #:nodoc: - include ChainedCookieJars + class EncryptedCookieJar < AbstractCookieJar # :nodoc: include SerializedCookieJars def initialize(parent_jar) - @parent_jar = parent_jar + super if ActiveSupport::LegacyKeyGenerator === key_generator raise "You didn't set secrets.secret_key_base, which is required for this cookie jar. " + @@ -566,22 +565,13 @@ module ActionDispatch end end - # Encrypts and sets the cookie named +name+. The second argument may be the cookie's - # value or a hash of options as documented above. - def []=(name, options) - if options.is_a?(Hash) - options.symbolize_keys! - else - options = { :value => options } + private + def commit(options) + options[:value] = @encryptor.encrypt_and_sign(serialize(options[:value])) + + raise CookieOverflow if options[:value].bytesize > MAX_COOKIE_SIZE end - options[:value] = @encryptor.encrypt_and_sign(serialize(options[:value])) - - raise CookieOverflow if options[:value].bytesize > MAX_COOKIE_SIZE - @parent_jar[name] = options - end - - private def decrypt_and_verify(encrypted_message) @encryptor.decrypt_and_verify(encrypted_message) rescue ActiveSupport::MessageVerifier::InvalidSignature, ActiveSupport::MessageEncryptor::InvalidMessage