Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Check cookie overflow #6796
This comment has been minimized.
This comment has been minimized.Show comment Hide comment
Well, after thinking about this, I believe my implementation is not correct. As far as I understand the 4K limit, the escaped value should not exceed the 4K, but I check the raw value. Also, it's allowed to store an Array in the cookie. In that case, I don't calculate the correct value length either. What do you think, should I adjust the behavior to reflect this or isn't it worth the hassle? Maybe Rack should check the length of cookies, not Rails.