diff options
| author | Godfrey Chan <godfreykfc@gmail.com> | 2014-04-23 11:07:50 -0500 |
|---|---|---|
| committer | Godfrey Chan <godfreykfc@gmail.com> | 2014-04-23 12:32:14 -0500 |
| commit | 2a412b3d6f6eef23db5874c5e33d995858bfa1e5 (patch) | |
| tree | 2eb24bd456620652175c5512f7cc87462bf47160 /actionpack/CHANGELOG.md | |
| parent | 650585da8ac15742b64965c338110e8e859a3b5e (diff) | |
| download | rails-2a412b3d6f6eef23db5874c5e33d995858bfa1e5.tar.gz rails-2a412b3d6f6eef23db5874c5e33d995858bfa1e5.tar.bz2 rails-2a412b3d6f6eef23db5874c5e33d995858bfa1e5.zip | |
Fixed an issue with migrating legacy json cookies.
Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming
cookies are marshal-encoded. This is not the case when `secret_token` is
used in conjunction with the `:json` or `:hybrid` serializer.
In those case, when upgrading to use `secret_key_base`, this would cause a
`TypeError: incompatible marshal file format` and a 500 error for the user.
Fixes #14774.
*Godfrey Chan*
Diffstat (limited to 'actionpack/CHANGELOG.md')
| -rw-r--r-- | actionpack/CHANGELOG.md | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md index 221aaa338c..15833641bb 100644 --- a/actionpack/CHANGELOG.md +++ b/actionpack/CHANGELOG.md @@ -1,3 +1,16 @@ +* Fixed an issue with migrating legacy json cookies. + + Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming + cookies are marshal-encoded. This is not the case when `secret_token` is + used in conjunction with the `:json` or `:hybrid` serializer. + + In those case, when upgrading to use `secret_key_base`, this would cause a + `TypeError: incompatible marshal file format` and a 500 error for the user. + + Fixes #14774. + + *Godfrey Chan* + * Make URL escaping more consistent: 1. Escape '%' characters in URLs - only unescaped data should be passed to URL helpers |