-
Notifications
You must be signed in to change notification settings - Fork 21.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
raise ArgumentError
when SECRET_KEY_BASE
is an integer
#22078
Conversation
Will this change the value returned by |
And why would |
@schneems Nope it will not change the value as other specs are fine but I will double check. @rafaelfranca I saw #22072 and found that it's easy to incorporate |
It is invalid input. This should be always a string, so it should raise an On Mon, Oct 26, 2015, 14:52 Arun Agrawal notifications@github.com wrote:
|
Yes. I can work on this. |
e3b67fb
to
e5b87aa
Compare
ArgumentError
when SECRET_KEY_BASE
is an integer
@rafaelfranca I have updated PR with changes. Please have a look. thanks |
@@ -8,6 +8,9 @@ module ActiveSupport | |||
# key in multiple incompatible contexts. | |||
class KeyGenerator | |||
def initialize(secret, options = {}) | |||
unless secret.kind_of?(String) | |||
raise ArgumentError, "Secret must be a type of String" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we should check it were we assign with a proper message pointing to the secrets configuration. I think if we raise here it will not be user friendly.
72f8ef8
to
13b323e
Compare
If `SECRET_KEY_BASE` or other `secret` gets passed as other then string we need to raise `ArgumentError` to know that it's a wrong argument. Closes rails#22072
13b323e
to
4810f40
Compare
@rafaelfranca Yes. make sense to point user into right direction. I found that we are also doing some secrets.yml raise in |
raise `ArgumentError` when `SECRET_KEY_BASE` is an integer
@spastorino Should we backport this to |
@arunagw I wouldn't, I don't think it's that important. |
If
SECRET_KEY_BASE
or othersecret
gets passed as other then stringwe need to raise
ArgumentError
to know that it's a wrong argument.Closes #22072