diff options
author | Jon Moss <me@jonathanmoss.me> | 2016-02-12 21:13:37 -0500 |
---|---|---|
committer | Jon Moss <me@jonathanmoss.me> | 2016-03-02 09:01:43 -0500 |
commit | 45635098ac827ee5b243ac01b6267843cd89200a (patch) | |
tree | 6363c74dac57bd35542e1630904d1dc230e204fa /actioncable/lib/action_cable/connection | |
parent | fc1b32f8d1d26e41fa79d7a38c852acae24c77a0 (diff) | |
download | rails-45635098ac827ee5b243ac01b6267843cd89200a.tar.gz rails-45635098ac827ee5b243ac01b6267843cd89200a.tar.bz2 rails-45635098ac827ee5b243ac01b6267843cd89200a.zip |
Accept JSON with no backslashes/escaping
Fixes #22675
Allow channel identifiers and also data with no backslahes/escaping to be accepted by
the subscription storer.
Diffstat (limited to 'actioncable/lib/action_cable/connection')
-rw-r--r-- | actioncable/lib/action_cable/connection/subscriptions.rb | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/actioncable/lib/action_cable/connection/subscriptions.rb b/actioncable/lib/action_cable/connection/subscriptions.rb index 3742f248d1..5aa907c2d3 100644 --- a/actioncable/lib/action_cable/connection/subscriptions.rb +++ b/actioncable/lib/action_cable/connection/subscriptions.rb @@ -23,13 +23,13 @@ module ActionCable end def add(data) - id_key = data['identifier'] - id_options = ActiveSupport::JSON.decode(id_key).with_indifferent_access + id_options = decode_hash(data['identifier']) + identifier = normalize_identifier(id_options) subscription_klass = connection.server.channel_classes[id_options[:channel]] if subscription_klass - subscriptions[id_key] ||= subscription_klass.new(connection, id_key, id_options) + subscriptions[identifier] ||= subscription_klass.new(connection, identifier, id_options) else logger.error "Subscription class not found (#{data.inspect})" end @@ -37,7 +37,7 @@ module ActionCable def remove(data) logger.info "Unsubscribing from channel: #{data['identifier']}" - remove_subscription subscriptions[data['identifier']] + remove_subscription subscriptions[normalize_identifier(data['identifier'])] end def remove_subscription(subscription) @@ -46,7 +46,7 @@ module ActionCable end def perform_action(data) - find(data).perform_action ActiveSupport::JSON.decode(data['data']) + find(data).perform_action(decode_hash(data['data'])) end def identifiers @@ -63,8 +63,21 @@ module ActionCable private delegate :logger, to: :connection + def normalize_identifier(identifier) + identifier = ActiveSupport::JSON.encode(identifier) if identifier.is_a?(Hash) + identifier + end + + # If `data` is a Hash, this means that the original JSON + # sent by the client had no backslashes in it, and does + # not need to be decoded again. + def decode_hash(data) + data = ActiveSupport::JSON.decode(data) unless data.is_a?(Hash) + data.with_indifferent_access + end + def find(data) - if subscription = subscriptions[data['identifier']] + if subscription = subscriptions[normalize_identifier(data['identifier'])] subscription else raise "Unable to find subscription with identifier: #{data['identifier']}" |