mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Use #bytesize
instead of #size
when checking for cookie overflow
Although the cookie values happens to be ASCII strings because they are Base64 encoded, it is semantically incorrect to check for the number of the characters in the cookie, when we actually want to check for the number of the bytes it consists of. Furthermore it is unecessary coupling with the current implementation that uses Base64 for encoding the values.
This commit is contained in:
parent
00aae7cb38
commit
e67f001e7c
2 changed files with 7 additions and 2 deletions
|
@ -1,3 +1,8 @@
|
|||
* Use `String#bytesize` instead of `String#size` when checking for cookie
|
||||
overflow.
|
||||
|
||||
*Agis Anastasopoulos*
|
||||
|
||||
* `render nothing: true` or rendering a `nil` body no longer add a single
|
||||
space to the response body.
|
||||
|
||||
|
|
|
@ -468,7 +468,7 @@ module ActionDispatch
|
|||
options = { :value => @verifier.generate(serialize(name, options)) }
|
||||
end
|
||||
|
||||
raise CookieOverflow if options[:value].size > MAX_COOKIE_SIZE
|
||||
raise CookieOverflow if options[:value].bytesize > MAX_COOKIE_SIZE
|
||||
@parent_jar[name] = options
|
||||
end
|
||||
|
||||
|
@ -526,7 +526,7 @@ module ActionDispatch
|
|||
|
||||
options[:value] = @encryptor.encrypt_and_sign(serialize(name, options[:value]))
|
||||
|
||||
raise CookieOverflow if options[:value].size > MAX_COOKIE_SIZE
|
||||
raise CookieOverflow if options[:value].bytesize > MAX_COOKIE_SIZE
|
||||
@parent_jar[name] = options
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in a new issue