Escape cookie's key and value in ActionController::TestCase

Get an incorrect cookie value in controller action method if cookie value contains an escapable string.
author: Takayuki Matsubara <takayuki.1229@gmail.com> 2015-12-30 00:12:01 +0900
committer: Takayuki Matsubara <takayuki.1229@gmail.com> 2015-12-30 00:24:56 +0900
commit: 65e36d31819d46ea5934fa8c7222dcec04490423 (patch)
tree: 1378d54b85fd1c670fa647d9a3261515fb330fb4 /actionpack/lib/action_dispatch/middleware
parent: 929c61573e289e432a4e571ae157248745ae2eae (diff)
download: rails-65e36d31819d46ea5934fa8c7222dcec04490423.tar.gz
rails-65e36d31819d46ea5934fa8c7222dcec04490423.tar.bz2
rails-65e36d31819d46ea5934fa8c7222dcec04490423.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
index 3477aa8b29..601b55cb8f 100644
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -337,7 +337,7 @@ module ActionDispatch
       end
 
       def to_header
-        @cookies.map { |k,v| "#{k}=#{v}" }.join ';'
+        @cookies.map { |k,v| "#{::Rack::Utils.escape(k)}=#{::Rack::Utils.escape(v)}" }.join ';'
       end
 
       def handle_options(options) #:nodoc:
author	Takayuki Matsubara <takayuki.1229@gmail.com>	2015-12-30 00:12:01 +0900
committer	Takayuki Matsubara <takayuki.1229@gmail.com>	2015-12-30 00:24:56 +0900
commit	65e36d31819d46ea5934fa8c7222dcec04490423 (patch)
tree	1378d54b85fd1c670fa647d9a3261515fb330fb4 /actionpack/lib/action_dispatch/middleware
parent	929c61573e289e432a4e571ae157248745ae2eae (diff)
download	rails-65e36d31819d46ea5934fa8c7222dcec04490423.tar.gz rails-65e36d31819d46ea5934fa8c7222dcec04490423.tar.bz2 rails-65e36d31819d46ea5934fa8c7222dcec04490423.zip