diff options
| author | Jeremy Kemper <jeremy@bitsweat.net> | 2007-03-13 20:44:16 +0000 |
|---|---|---|
| committer | Jeremy Kemper <jeremy@bitsweat.net> | 2007-03-13 20:44:16 +0000 |
| commit | 5219aa90083a76832c6691bdef6fe3dc51a69281 (patch) | |
| tree | ab4086a7ca090c2619b8c0c6e4467df4e5aff2bd /actionpack | |
| parent | 5bd116ccf4e341b25dbba418b6c5f0ed3b0c5187 (diff) | |
| download | rails-5219aa90083a76832c6691bdef6fe3dc51a69281.tar.gz rails-5219aa90083a76832c6691bdef6fe3dc51a69281.tar.bz2 rails-5219aa90083a76832c6691bdef6fe3dc51a69281.zip | |
Cookie session store: raise ArgumentError when :session_key is blank.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6415 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/CHANGELOG | 2 | ||||
| -rw-r--r-- | actionpack/lib/action_controller/session/cookie_store.rb | 7 | ||||
| -rwxr-xr-x | actionpack/test/controller/session/cookie_store_test.rb | 6 |
3 files changed, 14 insertions, 1 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index 359e53d198..59aba334b5 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,7 @@ *SVN* +* Cookie session store: raise ArgumentError when :session_key is blank. [Jeremy Kemper] + * Deprecation: remove deprecated request, redirect, and dependency methods. Remove deprecated instance variables. Remove deprecated url_for(:symbol, *args) and redirect_to(:symbol, *args) in favor of named routes. Remove uses_component_template_root for toplevel components directory. Privatize deprecated render_partial and render_partial_collection view methods. Remove deprecated link_to_image, link_image_to, update_element_function, start_form_tag, and end_form_tag helper methods. Remove deprecated human_size helper alias. [Jeremy Kemper] * Consistent public/protected/private visibility for chained methods. #7813 [Dan Manges] diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb index fe2d96e17d..7f0afbd4b0 100644 --- a/actionpack/lib/action_controller/session/cookie_store.rb +++ b/actionpack/lib/action_controller/session/cookie_store.rb @@ -44,9 +44,14 @@ class CGI::Session::CookieStore # Called from CGI::Session only. def initialize(session, options = {}) + # The session_key option is required. + if options['session_key'].blank? + raise ArgumentError, 'A session_key is required to write a cookie containing the session data. Use config.action_controller.session = { :session_key => "_myapp_session", :secret => "some secret phrase" } in config/environment.rb' + end + # The secret option is required. if options['secret'].blank? - raise ArgumentError, 'A secret is required to generate an integrity hash for cookie session data. Use config.action_controller.session = { :secret => "some secret phrase" } in config/environment.rb' + raise ArgumentError, 'A secret is required to generate an integrity hash for cookie session data. Use config.action_controller.session = { :session_key => "_myapp_session", :secret => "some secret phrase" } in config/environment.rb' end # Keep the session and its secret on hand so we can read and write cookies. diff --git a/actionpack/test/controller/session/cookie_store_test.rb b/actionpack/test/controller/session/cookie_store_test.rb index 6d98821cfd..88425b9f02 100755 --- a/actionpack/test/controller/session/cookie_store_test.rb +++ b/actionpack/test/controller/session/cookie_store_test.rb @@ -37,6 +37,12 @@ class CookieStoreTest < Test::Unit::TestCase ENV.delete('HTTP_COOKIE') end + def test_raises_argument_error_if_missing_session_key + [nil, ''].each do |blank| + assert_raise(ArgumentError, blank.inspect) { new_session 'session_key' => blank } + end + end + def test_raises_argument_error_if_missing_secret [nil, ''].each do |blank| assert_raise(ArgumentError, blank.inspect) { new_session 'secret' => blank } |