Use `Base.strict_decode64` instead of `Base.decode64` just as we do in encoding;

Also reduce extra object allocation by creating string directly instead of join on Array
author: Vipul A M <vipulnsward@gmail.com> 2013-05-15 19:41:04 +0530
committer: Vipul A M <vipulnsward@gmail.com> 2013-05-16 02:19:33 +0530
commit: a4e1e5d6329f31cb5a1ee7561fdf05dd5559ef7c (patch)
tree: 8e47e157ca57bb7dd6c6337fa754df20e2bf79c0 /activesupport/lib/active_support/message_verifier.rb
parent: dd03f10d5258dab75da6b7ec493e6558b4ed2bac (diff)
download: rails-a4e1e5d6329f31cb5a1ee7561fdf05dd5559ef7c.tar.gz
rails-a4e1e5d6329f31cb5a1ee7561fdf05dd5559ef7c.tar.bz2
rails-a4e1e5d6329f31cb5a1ee7561fdf05dd5559ef7c.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/activesupport/lib/active_support/message_verifier.rb b/activesupport/lib/active_support/message_verifier.rb
index e0cd92ae3c..a35d5980fe 100644
--- a/activesupport/lib/active_support/message_verifier.rb
+++ b/activesupport/lib/active_support/message_verifier.rb
@@ -37,7 +37,11 @@ module ActiveSupport
 
       data, digest = signed_message.split("--")
       if data.present? && digest.present? && secure_compare(digest, generate_digest(data))
-        @serializer.load(::Base64.decode64(data))
+        begin
+          @serializer.load(::Base64.strict_decode64(data))
+        rescue ArgumentError
+          raise InvalidSignature
+        end
       else
         raise InvalidSignature
       end
author	Vipul A M <vipulnsward@gmail.com>	2013-05-15 19:41:04 +0530
committer	Vipul A M <vipulnsward@gmail.com>	2013-05-16 02:19:33 +0530
commit	a4e1e5d6329f31cb5a1ee7561fdf05dd5559ef7c (patch)
tree	8e47e157ca57bb7dd6c6337fa754df20e2bf79c0 /activesupport/lib/active_support/message_verifier.rb
parent	dd03f10d5258dab75da6b7ec493e6558b4ed2bac (diff)
download	rails-a4e1e5d6329f31cb5a1ee7561fdf05dd5559ef7c.tar.gz rails-a4e1e5d6329f31cb5a1ee7561fdf05dd5559ef7c.tar.bz2 rails-a4e1e5d6329f31cb5a1ee7561fdf05dd5559ef7c.zip