InvalidMessage is in ActiveSupport::MessageEncryptor namespace

Closes #9302

InvalidMessage is in ActiveSupport::MessageEncryptor namespace
Closes #9302
00147c87 · Santiago Pastorino · a7009172 · 00147c87 · 00147c87
Showing with 19 addition and 4 deletion

actionpack/lib/action_dispatch/middleware/cookies.rb actionpack/lib/action_dispatch/middleware/cookies.rb +1 -1

actionpack/test/dispatch/cookies_test.rb actionpack/test/dispatch/cookies_test.rb +18 -3

未找到文件。
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -410,7 +410,7 @@ def [](key)
          @encryptor.decrypt_and_verify(encrypted_message)
        end
      rescue ActiveSupport::MessageVerifier::InvalidSignature,
-             ActiveSupport::MessageVerifier::InvalidMessage
+             ActiveSupport::MessageEncryptor::InvalidMessage
        nil
      end


--- a/actionpack/test/dispatch/cookies_test.rb
+++ b/actionpack/test/dispatch/cookies_test.rb
@@ -72,6 +72,11 @@ def set_encrypted_cookie
      head :ok
    end

+    def set_invalid_encrypted_cookie
+      cookies[:invalid_cookie] = 'invalid--9170e00a57cfc27083363b5c75b835e477bd90cf'
+      head :ok
+    end
+
    def raise_data_overflow
      cookies.signed[:foo] = 'bye!' * 1024
      head :ok
@@ -336,6 +341,11 @@ def test_signed_cookie
    assert_equal 45, @controller.send(:cookies).signed[:user_id]
  end

+  def test_accessing_nonexistant_signed_cookie_should_not_raise_an_invalid_signature
+    get :set_signed_cookie
+    assert_nil @controller.send(:cookies).signed[:non_existant_attribute]
+  end
+
  def test_encrypted_cookie
    get :set_encrypted_cookie
    cookies = @controller.send :cookies
@@ -346,9 +356,14 @@ def test_encrypted_cookie
    assert_equal 'bar', cookies.encrypted[:foo]
  end

-  def test_accessing_nonexistant_signed_cookie_should_not_raise_an_invalid_signature
-    get :set_signed_cookie
-    assert_nil @controller.send(:cookies).signed[:non_existant_attribute]
+  def test_accessing_nonexistant_encrypted_cookie_should_not_raise_invalid_message
+    get :set_encrypted_cookie
+    assert_nil @controller.send(:cookies).encrypted[:non_existant_attribute]
+  end
+
+  def test_setting_invalid_encrypted_cookie_should_return_nil_when_accessing_it
+    get :set_invalid_encrypted_cookie
+    assert_nil @controller.send(:cookies).encrypted[:invalid_cookie]
  end

  def test_permanent_signed_cookie