Merge pull request #9916 from neerajdotname/no-exception-when-cookie-…

…is-tampered-with nil is retuned if cookie is tampered with [ci skip]
rails · Mar 25, 2013 · 3450eff · 3450eff
2 parents 8caafd9 + d36cfa2
commit 3450eff
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -115,8 +115,7 @@ def permanent
 
       # Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from
       # the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed
-      # cookie was tampered with by the user (or a 3rd party), an ActiveSupport::MessageVerifier::InvalidSignature exception will
-      # be raised.
+      # cookie was tampered with by the user (or a 3rd party), nil will be returned.
       #
       # This jar requires that you set a suitable secret for the verification on your app's +config.secret_key_base+.
       #
@@ -142,8 +141,7 @@ def signed_using_old_secret #:nodoc:
       end
 
       # Returns a jar that'll automatically encrypt cookie values before sending them to the client and will decrypt them for read.
-      # If the cookie was tampered with by the user (or a 3rd party), an ActiveSupport::MessageVerifier::InvalidSignature exception
-      # will be raised.
+      # If the cookie was tampered with by the user (or a 3rd party), nil will be returned.
       #
       # This jar requires that you set a suitable secret for the verification on your app's +config.secret_key_base+.
       #