aboutsummaryrefslogtreecommitdiffstats
path: root/railties
diff options
context:
space:
mode:
authorArun Agrawal <arunagw@gmail.com>2015-10-26 16:28:09 +0100
committerArun Agrawal <arunagw@gmail.com>2015-10-27 10:18:05 +0100
commit4810f401c4fd63985fb194d068717853599d0ba9 (patch)
tree00a756d93822d212d2f196282f18e443a44ddeaa /railties
parent190c69ece3a94dbd92f84833491d1b7b1bad06ea (diff)
downloadrails-4810f401c4fd63985fb194d068717853599d0ba9.tar.gz
rails-4810f401c4fd63985fb194d068717853599d0ba9.tar.bz2
rails-4810f401c4fd63985fb194d068717853599d0ba9.zip
raise `ArgumentError` when `SECRET_KEY_BASE` is an integer
If `SECRET_KEY_BASE` or other `secret` gets passed as other then string we need to raise `ArgumentError` to know that it's a wrong argument. Closes #22072
Diffstat (limited to 'railties')
-rw-r--r--railties/lib/rails/application.rb3
-rw-r--r--railties/test/application/configuration_test.rb13
2 files changed, 16 insertions, 0 deletions
diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 7916e24af1..e81ec62a1d 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@@ -167,6 +167,9 @@ module Rails
# team. Details at https://github.com/rails/rails/pull/6952#issuecomment-7661220
@caching_key_generator ||=
if secrets.secret_key_base
+ unless secrets.secret_key_base.kind_of?(String)
+ raise ArgumentError, "`secret_key_base` for #{Rails.env} environment must be a type of String, change this value in `config/secrets.yml`"
+ end
key_generator = ActiveSupport::KeyGenerator.new(secrets.secret_key_base, iterations: 1000)
ActiveSupport::CachingKeyGenerator.new(key_generator)
else
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index d96d8ded6b..ebcfcb1c3a 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -417,6 +417,19 @@ module ApplicationTests
end
end
+ test "raise when secrets.secret_key_base is not a type of string" do
+ app_file 'config/secrets.yml', <<-YAML
+ development:
+ secret_key_base: 123
+ YAML
+
+ app 'development'
+
+ assert_raise(ArgumentError) do
+ app.key_generator
+ end
+ end
+
test "prefer secrets.secret_token over config.secret_token" do
app_file 'config/initializers/secret_token.rb', <<-RUBY
Rails.application.config.secret_token = ""