diff options
Diffstat (limited to 'actionpack/lib/action_controller/session/cookie_store.rb')
-rw-r--r-- | actionpack/lib/action_controller/session/cookie_store.rb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb index 1754eb34b1..e65ff6b262 100644 --- a/actionpack/lib/action_controller/session/cookie_store.rb +++ b/actionpack/lib/action_controller/session/cookie_store.rb @@ -89,7 +89,10 @@ class CGI::Session::CookieStore def unmarshal(cookie) if cookie data, digest = CGI.unescape(cookie).split('--') - raise TamperedWithCookie unless digest == generate_digest(data) + unless digest == generate_digest(data) + delete + raise TamperedWithCookie + end Marshal.load(Base64.decode64(data)) end end |