-
Notifications
You must be signed in to change notification settings - Fork 120
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Event objects can't be properly serialized using Rails :json serializer #13
Comments
As far as I can tell, the JSON serializer in rails 4.1+ simply cannot be used for serializing objects but only for primitves such as hashes, arrays, strings, etc. So I guess the only possible solution would be to store the events using a hash representation in the session and then reinitialize the original event objects from those hashes. |
this way they can be serialized using :json serialization and not only using :marshal. :json is the default serializer in rails 4.1+ and considered much safer see issue #13
Fix was merged into master. |
This issue has been resolved by PR #16 but when this change is deployed there can be exceptions with old session data that still contains serialized objects instead of the new hashes.
How should we react to that? Just put a warning in the changelog? Build some migration code? |
This only happens if a users last request before the deployment was a redirect that stored the rack-tracker event in the session (as a serialized object) and the next request is after the deployment and excepts a serialized hash. All further requests are not affected. In our case it produced 2 exceptions after the deployment. |
¯_(ツ)_/¯ maybe advise users to change the session secret, so everything is invalidated |
wouldn't that be pretty drastic to invalidate thousands of sessions just to prevent 2 exceptions? |
Background:
Rails.application.config.action_dispatch.cookies_serializer
is set to:json
(or:hybrid
)Problem: A rack tracker event object (such as
Rack::Tracker::GoogleAnalytics::Send
) wich was stored in the session and retrieved again, will be deserialized as a string like"#<Rack::Tracker::GoogleAnalytics::Send type=\"event\", category=\"...\", action=\"...\">"
" instead of a proper object.This results in an exception like
NoMethodError: undefined method 'write' for #<String:0x00000007ae8bf0>
I'm not sure what the event objects need to implement in order to serialize well to JSON. Maybe include http://api.rubyonrails.org/classes/ActiveModel/Serializers/JSON.html ?
The text was updated successfully, but these errors were encountered: