diff options
Diffstat (limited to 'actionpack/lib/action_dispatch')
-rw-r--r-- | actionpack/lib/action_dispatch/middleware/cookies.rb | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 1e49a307ed..87e8dd5010 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -52,12 +52,15 @@ module ActionDispatch # * <tt>:httponly</tt> - Whether this cookie is accessible via scripting or # only HTTP. Defaults to +false+. class Cookies + HTTP_HEADER = "Set-Cookie".freeze + TOKEN_KEY = "action_dispatch.secret_token".freeze + # Raised when storing more than 4K of session data. class CookieOverflow < StandardError; end class CookieJar < Hash #:nodoc: def self.build(request) - secret = request.env["action_dispatch.secret_token"] + secret = request.env[TOKEN_KEY] new(secret).tap do |hash| hash.update(request.cookies) end @@ -137,9 +140,9 @@ module ActionDispatch @signed ||= SignedCookieJar.new(self, @secret) end - def write(response) - @set_cookies.each { |k, v| response.set_cookie(k, v) } - @delete_cookies.each { |k, v| response.delete_cookie(k, v) } + def write(headers) + @set_cookies.each { |k, v| ::Rack::Utils.set_cookie_header!(headers, k, v) } + @delete_cookies.each { |k, v| ::Rack::Utils.delete_cookie_header!(headers, k, v) } end end @@ -232,12 +235,13 @@ module ActionDispatch status, headers, body = @app.call(env) if cookie_jar = env['action_dispatch.cookies'] - response = Rack::Response.new(body, status, headers) - cookie_jar.write(response) - response.to_a - else - [status, headers, body] + cookie_jar.write(headers) + if headers[HTTP_HEADER].respond_to?(:join) + headers[HTTP_HEADER] = headers[HTTP_HEADER].join("\n") + end end + + [status, headers, body] end end end |