aboutsummaryrefslogtreecommitdiffstats
path: root/activemodel/lib/active_model/callbacks.rb
diff options
context:
space:
mode:
authorMichael Coyne <mikeycgto@gmail.com>2017-02-23 13:54:17 -0500
committerMichael Coyne <mikeycgto@gmail.com>2017-05-22 08:50:36 +0000
commit5a3ba63d9abad86b7f6dd36a92cfaf722e52760b (patch)
tree523981cf2bfddf5941218a463a8b19544c28db65 /activemodel/lib/active_model/callbacks.rb
parent7a2041335f2a5f86179e303fa84a4653f58e1620 (diff)
downloadrails-5a3ba63d9abad86b7f6dd36a92cfaf722e52760b.tar.gz
rails-5a3ba63d9abad86b7f6dd36a92cfaf722e52760b.tar.bz2
rails-5a3ba63d9abad86b7f6dd36a92cfaf722e52760b.zip
AEAD encrypted cookies and sessions
This commit changes encrypted cookies from AES in CBC HMAC mode to Authenticated Encryption using AES-GCM. It also provides a cookie jar to transparently upgrade encrypted cookies to this new scheme. Some other notable changes include: - There is a new application configuration value: +use_authenticated_cookie_encryption+. When enabled, AEAD encrypted cookies will be used. - +cookies.signed+ does not raise a +TypeError+ now if the name of an encrypted cookie is used. Encrypted cookies using the same key as signed cookies would be verified and serialization would then fail due the message still be encrypted.
Diffstat (limited to 'activemodel/lib/active_model/callbacks.rb')
0 files changed, 0 insertions, 0 deletions