Don't double-escape cookie store data. Don't split cookie values with 
newlines into an array. [#130 state:resolved]

Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net>
rich (author)
Mon May 12 15:25:56 -0700 2008
jeremy (committer)
Mon May 12 15:26:19 -0700 2008
commit  a425cd147363a0e8d7e17177ef252dd760197f15
tree    d992a97129c45fe67028e8ba372164cd4ca03568
parent  cde6a259bf46cdaf1f2fe5fdeb84478ca8fc3046
...
37
38
39
40
 
41
42
43
...
37
38
39
 
40
41
42
43
0
@@ -37,7 +37,7 @@
0
         @path = nil
0
       else
0
         @name = name['name']
0
- @value = Array(name['value'])
0
+ @value = name['value'].kind_of?(String) ? [name['value']] : Array(name['value'])
0
         @domain = name['domain']
0
         @expires = name['expires']
0
         @secure = name['secure'] || false
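Review bot: The new `@value` line reads `name['value']` three times and gives no hint why a String must be wrapped by hand instead of going through `Array()`; a local plus a why-comment would make the intent survive the next refactor, e.g. `value = name['value']` / `# Array() would call String#to_a, which splits on newlines — wrap strings explicitly` / `@value = value.kind_of?(String) ? [value] : Array(value)`. The newline-splitting behaviour of `Array()` on strings is inferred from the commit message, not visible in the hunk, so the comment's wording should be checked against the Ruby version the code targets. The enclosing method starts and ends outside the hunk.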
...
130
131
132
133
 
134
135
136
137
138
139
140
 
 
 
 
141
142
143
 
144
145
146
...
130
131
132
 
133
134
135
136
137
138
 
 
139
140
141
142
143
144
145
146
147
148
149
0
@@ -130,17 +130,20 @@
0
     # Marshal a session hash into safe cookie data. Include an integrity hash.
0
     def marshal(session)
0
       data = ActiveSupport::Base64.encode64(Marshal.dump(session)).chop
0
- CGI.escape "#{data}--#{generate_digest(data)}"
0
+ "#{data}--#{generate_digest(data)}"
0
     end
0
 
0
     # Unmarshal cookie data to a hash and verify its integrity.
0
     def unmarshal(cookie)
0
       if cookie
0
- data, digest = CGI.unescape(cookie).split('--')
0
- unless digest == generate_digest(data)
0
+ data, digest = cookie.split('--')
0
+
0
+ # Do two checks to transparently support old double-escaped data.
0
+ unless digest == generate_digest(data) || digest == generate_digest(data = CGI.unescape(data))
0
           delete
0
           raise TamperedWithCookie
0
         end
0
+
0
         Marshal.load(ActiveSupport::Base64.decode64(data))
0
       end
0
     end
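Review bot: `data, digest = cookie.split('--')` leaves `digest` nil when the cookie carries no separator and both nil for an empty string (which still passes the `if cookie` test), so `generate_digest(data)` is reached with a nil argument and the failure surfaces as whatever that helper raises rather than as `TamperedWithCookie` with the cookie deleted; generate_digest is outside the hunk, so the exact exception is inferred. A guard right after the split, `unless data && digest then delete; raise TamperedWithCookie end`, keeps the error path uniform. The fallback for old double-escaped cookies also performs the assignment `data = CGI.unescape(data)` inside the boolean condition, which is easy to misread; computing `unescaped = CGI.unescape(data)` first and then choosing which of the two to decode reads more plainly. Separately, `==` on the digest strings stops at the first differing character, so the integrity check is not constant-time; a length-checked comparison that always examines every byte would remove that side channel.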
...
137
138
139
 
 
 
 
 
140
...
137
138
139
140
141
142
143
144
145
0
@@ -137,5 +137,10 @@
0
     cookies = CGI::Cookie.parse('return_to=http://rubyonrails.org/search?term=api&scope=all&global=true')
0
     assert_equal({"return_to" => ["http://rubyonrails.org/search?term=api&scope=all&global=true"]}, cookies)
0
   end
0
+
0
+ def test_cookies_should_not_be_split_on_values_with_newlines
0
+ cookies = CGI::Cookie.new("name" => "val", "value" => "this\nis\na\ntest")
0
+ assert cookies.size == 1
0
+ end
0
 end
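Review bot: `assert cookies.size == 1` only reports "false is not true" when it fails; `assert_equal 1, cookies.size` names the actual count. The test also never checks that the newline-bearing value survived intact, which is the behaviour the commit message describes — an additional assertion along the lines of `assert_equal ["this\nis\na\ntest"], cookies.value` would pin it, assuming the cookie exposes a `value` reader for the `@value` set in the library hunk. The enclosing test class starts outside the hunk.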
...
43
44
45
46
 
 
 
47
48
49
...
101
102
103
 
 
 
 
 
 
 
 
 
104
105
106
...
241
242
243
244
 
 
245
246
...
43
44
45
 
46
47
48
49
50
51
...
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
...
252
253
254
 
255
256
257
258
0
@@ -43,7 +43,9 @@
0
     { :empty => ['BAgw--0686dcaccc01040f4bd4f35fe160afe9bc04c330', {}],
0
       :a_one => ['BAh7BiIGYWkG--5689059497d7f122a7119f171aef81dcfd807fec', { 'a' => 1 }],
0
       :typical => ['BAh7ByIMdXNlcl9pZGkBeyIKZmxhc2h7BiILbm90aWNlIgxIZXkgbm93--9d20154623b9eeea05c62ab819be0e2483238759', { 'user_id' => 123, 'flash' => { 'notice' => 'Hey now' }}],
0
- :flashed => ['BAh7ByIMdXNlcl9pZGkBeyIKZmxhc2h7AA%3D%3D--bf9785a666d3c4ac09f7fe3353496b437546cfbf', { 'user_id' => 123, 'flash' => {} }] }
0
+ :flashed => ['BAh7ByIMdXNlcl9pZGkBeyIKZmxhc2h7AA==--bf9785a666d3c4ac09f7fe3353496b437546cfbf', { 'user_id' => 123, 'flash' => {} }],
0
+ :double_escaped => [CGI.escape('BAh7ByIMdXNlcl9pZGkBeyIKZmxhc2h7AA%3D%3D--bf9785a666d3c4ac09f7fe3353496b437546cfbf'), { 'user_id' => 123, 'flash' => {} }] }
0
+
0
   end
0
 
0
   def setup
0
@@ -101,6 +103,15 @@
0
     end
0
   end
0
 
0
+ def test_restores_double_encoded_cookies
0
+ set_cookie! cookie_value(:double_escaped)
0
+ new_session do |session|
0
+ session.dbman.restore
0
+ assert_equal session["user_id"], 123
0
+ assert_equal session["flash"], {}
0
+ end
0
+ end
0
+
0
   def test_close_doesnt_write_cookie_if_data_is_blank
0
     new_session do |session|
0
       assert_no_cookies session
0
@@ -241,7 +252,8 @@
0
     { :empty => ['BAgw--0415cc0be9579b14afc22ee2d341aa21', {}],
0
       :a_one => ['BAh7BiIGYWkG--5a0ed962089cc6600ff44168a5d59bc8', { 'a' => 1 }],
0
       :typical => ['BAh7ByIMdXNlcl9pZGkBeyIKZmxhc2h7BiILbm90aWNlIgxIZXkgbm93--f426763f6ef435b3738b493600db8d64', { 'user_id' => 123, 'flash' => { 'notice' => 'Hey now' }}],
0
- :flashed => ['BAh7ByIMdXNlcl9pZGkBeyIKZmxhc2h7AA%3D%3D--0af9156650dab044a53a91a4ddec2c51', { 'user_id' => 123, 'flash' => {} }] }
0
+ :flashed => ['BAh7ByIMdXNlcl9pZGkBeyIKZmxhc2h7AA==--0af9156650dab044a53a91a4ddec2c51', { 'user_id' => 123, 'flash' => {} }],
0
+ :double_escaped => [CGI.escape('BAh7ByIMdXNlcl9pZGkBeyIKZmxhc2h7AA%3D%3D--0af9156650dab044a53a91a4ddec2c51'), { 'user_id' => 123, 'flash' => {} }] }
0
   end
0
 end
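Review bot: In `test_restores_double_encoded_cookies` the `assert_equal` arguments are reversed — the expected value comes first, so `assert_equal 123, session["user_id"]` and `assert_equal({}, session["flash"])`; as written, a failure message would label the literal as the actual value. The `:double_escaped` fixture would also benefit from a one-line comment stating that it deliberately escapes an already percent-encoded payload to mimic cookies written before this change, since the nested `CGI.escape('...%3D%3D--...')` otherwise looks like a copy error.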
