diff options
author | Santiago Pastorino <santiago@wyeworks.com> | 2014-08-08 18:05:53 -0300 |
---|---|---|
committer | Santiago Pastorino <santiago@wyeworks.com> | 2014-08-08 18:05:53 -0300 |
commit | 705977620539e2be6548027042f33175ebdc2505 (patch) | |
tree | 642b0153673f187bfd1ba20b230f913ad2adaec5 /actionpack/lib | |
parent | dde91e9bf5ab246f0f684b40288b272f4ba9a699 (diff) | |
parent | 629f4e007c1e80b931ed3d3a2553ad26997d8345 (diff) | |
download | rails-705977620539e2be6548027042f33175ebdc2505.tar.gz rails-705977620539e2be6548027042f33175ebdc2505.tar.bz2 rails-705977620539e2be6548027042f33175ebdc2505.zip |
Merge pull request #16434 from strzalek/cookies-digest-config-option
Add digest config option for SignedCookiesJar
Diffstat (limited to 'actionpack/lib')
-rw-r--r-- | actionpack/lib/action_dispatch/middleware/cookies.rb | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index ac9e5effe2..55bb9de173 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -90,6 +90,7 @@ module ActionDispatch SECRET_TOKEN = "action_dispatch.secret_token".freeze SECRET_KEY_BASE = "action_dispatch.secret_key_base".freeze COOKIES_SERIALIZER = "action_dispatch.cookies_serializer".freeze + COOKIES_DIGEST = "action_dispatch.cookies_digest".freeze # Cookies can typically store 4096 bytes. MAX_COOKIE_SIZE = 4096 @@ -212,7 +213,8 @@ module ActionDispatch secret_token: env[SECRET_TOKEN], secret_key_base: env[SECRET_KEY_BASE], upgrade_legacy_signed_cookies: env[SECRET_TOKEN].present? && env[SECRET_KEY_BASE].present?, - serializer: env[COOKIES_SERIALIZER] + serializer: env[COOKIES_SERIALIZER], + digest: env[COOKIES_DIGEST] } end @@ -441,6 +443,10 @@ module ActionDispatch serializer end end + + def digest + @options[:digest] || 'SHA1' + end end class SignedCookieJar #:nodoc: @@ -451,7 +457,7 @@ module ActionDispatch @parent_jar = parent_jar @options = options secret = key_generator.generate_key(@options[:signed_cookie_salt]) - @verifier = ActiveSupport::MessageVerifier.new(secret, serializer: NullSerializer) + @verifier = ActiveSupport::MessageVerifier.new(secret, digest: digest, serializer: NullSerializer) end def [](name) |