Revert "Eagerly load Signed and Permanent cookies"

This reverts commit dffeda37.

Revert "Eagerly load Signed and Permanent cookies"
This reverts commit dffeda37.
5b0149a1 · Santiago Pastorino · 17205435 · 5b0149a1
隐藏空白更改
内联并排

Showing with 10 addition and 17 deletion

actionpack/lib/action_dispatch/middleware/cookies.rb actionpack/lib/action_dispatch/middleware/cookies.rb +10 -17

未找到文件。
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -116,8 +116,6 @@ def initialize(secret = nil, host = nil, secure = false)
        @host = host
        @secure = secure
        @cookies = {}
-        @permanent = PermanentCookieJar.new(self, @secret)
-        @signed = @secret && SignedCookieJar.new(self, @secret)
      end

      alias :closed? :frozen?
@@ -195,7 +193,9 @@ def delete(key, options = {})
      #
      #   cookies.permanent.signed[:remember_me] = current_user.id
      #   # => Set-Cookie: remember_me=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT
-      attr_reader :permanent
+      def permanent
+        @permanent ||= PermanentCookieJar.new(self, @secret)
+      end

      # Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from
      # the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed
@@ -211,8 +211,7 @@ def delete(key, options = {})
      #
      #   cookies.signed[:discount] # => 45
      def signed
-        SignedCookieJar.ensure_secret_provided(@secret)
-        @signed
+        @signed ||= SignedCookieJar.new(self, @secret)
      end

      def write(headers)
@@ -229,9 +228,7 @@ def write_cookie?(cookie)

    class PermanentCookieJar < CookieJar #:nodoc:
      def initialize(parent_jar, secret)
-        @parent_jar = parent_jar
-        @secret = secret
-        @signed = @secret && SignedCookieJar.new(self, @secret)
+        @parent_jar, @secret = parent_jar, secret
      end

      def []=(key, options)
@@ -247,8 +244,7 @@ def []=(key, options)
      end

      def signed
-        SignedCookieJar.ensure_secret_provided(@secret)
-        @signed
+        @signed ||= SignedCookieJar.new(self, @secret)
      end

      def method_missing(method, *arguments, &block)
@@ -261,8 +257,7 @@ class SignedCookieJar < CookieJar #:nodoc:
      SECRET_MIN_LENGTH = 30 # Characters

      def initialize(parent_jar, secret)
-        self.class.ensure_secret_provided(secret)
-        self.class.ensure_secret_length(secret)
+        ensure_secret_secure(secret)
        @parent_jar = parent_jar
        @verifier   = ActiveSupport::MessageVerifier.new(secret)
      end
@@ -294,7 +289,9 @@ def method_missing(method, *arguments, &block)

    protected

-      def self.ensure_secret_provided(secret)
+      # To prevent users from using something insecure like "Password" we make sure that the
+      # secret they've provided is at least 30 characters in length.
+      def ensure_secret_secure(secret)
        if secret.blank?
          raise ArgumentError, "A secret is required to generate an " +
            "integrity hash for cookie session data. Use " +
@@ -302,11 +299,7 @@ def self.ensure_secret_provided(secret)
            "least #{SECRET_MIN_LENGTH} characters\"" +
            "in config/initializers/secret_token.rb"
        end
-      end

-      # To prevent users from using something insecure like "Password" we make sure that the
-      # secret they've provided is at least 30 characters in length.
-      def self.ensure_secret_length(secret)
        if secret.length < SECRET_MIN_LENGTH
          raise ArgumentError, "Secret should be something secure, " +
            "like \"#{ActiveSupport::SecureRandom.hex(16)}\".  The value you " +