New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix decoding data encoded using a non-String purpose #49669
Conversation
Data encoded using a non-String purpose and `use_message_serializer_for_metadata == false` was incorrectly decoded, triggering a "mismatched purpose" error during decode. Fix this by ensuring that we compare both sides as a String.
788e669
to
cebdf71
Compare
@@ -82,7 +82,7 @@ def extract_from_metadata_envelope(envelope, purpose: nil) | |||
throw :invalid_message_content, "expired" | |||
end | |||
|
|||
if hash["pur"] != purpose&.to_s | |||
if hash["pur"].to_s != purpose.to_s |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wouldn't hash["pur"].to_s
result in matching purpose for "1"
and 1
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Correct, the new serialization already transforms the purpose in a String so hash["pur"]
is always a String if serialized with the new logic.
The old serialization, on the other hand doesn't do it and this introduces a mismatch.
Isn't fine to always compare purpose as a String? We are already doing it after all.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems like the old comparison implementation was also calling to_s
:
https://github.com/rails/rails/blame/ebc3b660e51c5bdfd639639bb3c605d522d1a728/activesupport/lib/active_support/messages/metadata.rb#L67
So this looks good to me.
Should this be backported? |
Fix decoding data encoded using a non-String purpose
Backported as 02e3f69 |
Data encoded using a non-String purpose and
use_message_serializer_for_metadata == false
was incorrectly decoded,triggering a "mismatched purpose" error during decode.
Fix this by ensuring that we compare both sides as a String.
Checklist
Before submitting the PR make sure the following are checked:
[Fix #issue-number]