diff options
| author | Agis- <corestudiosinc@gmail.com> | 2014-07-11 13:24:49 +0300 |
|---|---|---|
| committer | Agis- <corestudiosinc@gmail.com> | 2014-07-11 13:24:49 +0300 |
| commit | e67f001e7c1b3d24750e9dd81006d2ad84bbf50e (patch) | |
| tree | c6e9c451bed31e853a8b21d2c9ff16754df78c2c /actionpack/lib/action_dispatch | |
| parent | 00aae7cb38a9d7029b1530bcf21a89ead80130a4 (diff) | |
| download | rails-e67f001e7c1b3d24750e9dd81006d2ad84bbf50e.tar.gz rails-e67f001e7c1b3d24750e9dd81006d2ad84bbf50e.tar.bz2 rails-e67f001e7c1b3d24750e9dd81006d2ad84bbf50e.zip | |
Use `#bytesize` instead of `#size` when checking for cookie overflow
Although the cookie values happens to be ASCII strings because they are
Base64 encoded, it is semantically incorrect to check for the number of the
characters in the cookie, when we actually want to check for the number of the
bytes it consists of.
Furthermore it is unecessary coupling with the current implementation that
uses Base64 for encoding the values.
Diffstat (limited to 'actionpack/lib/action_dispatch')
| -rw-r--r-- | actionpack/lib/action_dispatch/middleware/cookies.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index e069840b8e..ac9e5effe2 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -468,7 +468,7 @@ module ActionDispatch options = { :value => @verifier.generate(serialize(name, options)) } end - raise CookieOverflow if options[:value].size > MAX_COOKIE_SIZE + raise CookieOverflow if options[:value].bytesize > MAX_COOKIE_SIZE @parent_jar[name] = options end @@ -526,7 +526,7 @@ module ActionDispatch options[:value] = @encryptor.encrypt_and_sign(serialize(name, options[:value])) - raise CookieOverflow if options[:value].size > MAX_COOKIE_SIZE + raise CookieOverflow if options[:value].bytesize > MAX_COOKIE_SIZE @parent_jar[name] = options end |