diff options
| -rw-r--r-- | guides/source/4_1_release_notes.md | 1 | ||||
| -rw-r--r-- | railties/CHANGELOG.md | 6 | ||||
| -rw-r--r-- | railties/lib/rails/application.rb | 2 | ||||
| -rw-r--r-- | railties/test/application/configuration_test.rb | 12 |
4 files changed, 10 insertions, 11 deletions
diff --git a/guides/source/4_1_release_notes.md b/guides/source/4_1_release_notes.md index 1ff9ae4aa8..5f1ecb1cae 100644 --- a/guides/source/4_1_release_notes.md +++ b/guides/source/4_1_release_notes.md @@ -197,7 +197,6 @@ Rails.application.message_verifier(:remember_me).verify(signed_token) # => token Rails.application.message_verifier(:remember_me).verify(tampered_token) # raises ActiveSupport::MessageVerifier::InvalidSignature - ``` ### Module#concerning diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md index 084b87bf35..9404c18f57 100644 --- a/railties/CHANGELOG.md +++ b/railties/CHANGELOG.md @@ -35,14 +35,14 @@ This verifier can be used to generate and verify signed messages in the application. - message = Rails.application.message_verifier('sensitive_data').generate('my sensible data') - Rails.application.message_verifier('sensitive_data').verify(message) + message = Rails.application.message_verifier(:sensitive_data).generate('my sensible data') + Rails.application.message_verifier(:sensitive_data).verify(message) # => 'my sensible data' It is recommended not to use the same verifier for different things, so you can get different verifiers passing the name argument. - message = Rails.application.message_verifier('cookies').generate('my sensible cookie data') + message = Rails.application.message_verifier(:cookies).generate('my sensible cookie data') See the `ActiveSupport::MessageVerifier` documentation for more information. diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb index 795321bc20..5b20c178eb 100644 --- a/railties/lib/rails/application.rb +++ b/railties/lib/rails/application.rb @@ -181,7 +181,7 @@ module Rails # See the +ActiveSupport::MessageVerifier+ documentation for more information. def message_verifier(verifier_name) @message_verifiers[verifier_name] ||= begin - secret = key_generator.generate_key(verifier_name) + secret = key_generator.generate_key(verifier_name.to_s) ActiveSupport::MessageVerifier.new(secret) end end diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb index e024ec8cef..7a8fed6732 100644 --- a/railties/test/application/configuration_test.rb +++ b/railties/test/application/configuration_test.rb @@ -274,11 +274,11 @@ module ApplicationTests app.config.session_store :disabled end - message = app.message_verifier('salt').generate("some_value") + message = app.message_verifier(:sensitive_value).generate("some_value") - assert_equal 'some_value', Rails.application.message_verifier('salt').verify(message) + assert_equal 'some_value', Rails.application.message_verifier(:sensitive_value).verify(message) - secret = app.key_generator.generate_key('salt') + secret = app.key_generator.generate_key('sensitive_value') verifier = ActiveSupport::MessageVerifier.new(secret) assert_equal 'some_value', verifier.verify(message) end @@ -289,8 +289,8 @@ module ApplicationTests app.config.session_store :disabled end - default_verifier = app.message_verifier('salt') - text_verifier = app.message_verifier('text') + default_verifier = app.message_verifier(:sensitive_value) + text_verifier = app.message_verifier(:text) message = text_verifier.generate('some_value') @@ -299,7 +299,7 @@ module ApplicationTests default_verifier.verify(message) end - assert_equal default_verifier.object_id, app.message_verifier('salt').object_id + assert_equal default_verifier.object_id, app.message_verifier(:sensitive_value).object_id assert_not_equal default_verifier.object_id, text_verifier.object_id end |