diff options
| author | Joshua Peek <josh@joshpeek.com> | 2010-01-17 21:30:38 -0600 |
|---|---|---|
| committer | Joshua Peek <josh@joshpeek.com> | 2010-01-17 21:31:06 -0600 |
| commit | eeba755a11dbdbf90afd4fd815e215bd7e9826e6 (patch) | |
| tree | 81697167acbfd6eee63f8a6619e5f77e69d3782a | |
| parent | 6ce538d4850cca0e6ce71da1a5b8d350e57f154f (diff) | |
| download | rails-eeba755a11dbdbf90afd4fd815e215bd7e9826e6.tar.gz rails-eeba755a11dbdbf90afd4fd815e215bd7e9826e6.tar.bz2 rails-eeba755a11dbdbf90afd4fd815e215bd7e9826e6.zip | |
Accessing nonexistant cookies through the signed jar should not raise an
exception
| -rw-r--r-- | actionpack/lib/action_dispatch/middleware/cookies.rb | 4 | ||||
| -rw-r--r-- | actionpack/test/controller/cookie_test.rb | 5 |
2 files changed, 8 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 5d2734a15e..0dc03a1a7e 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -176,7 +176,9 @@ module ActionDispatch end def [](name) - @verifier.verify(@parent_jar[name]) + if value = @parent_jar[name] + @verifier.verify(value) + end end def []=(key, options) diff --git a/actionpack/test/controller/cookie_test.rb b/actionpack/test/controller/cookie_test.rb index fd6538b27a..f5ccef8aaf 100644 --- a/actionpack/test/controller/cookie_test.rb +++ b/actionpack/test/controller/cookie_test.rb @@ -141,6 +141,11 @@ class CookieTest < ActionController::TestCase assert_equal 45, @controller.send(:cookies).signed[:user_id] end + def test_accessing_nonexistant_signed_cookie_should_not_raise_an_invalid_signature + get :set_signed_cookie + assert_nil @controller.send(:cookies).signed[:non_existant_attribute] + end + def test_permanent_signed_cookie get :set_permanent_signed_cookie assert_match %r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"] |