| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose metadata prevents cookie values from being
copy-pasted and ensures that the cookie is used only
for its originally intended purpose.
The Purpose and Expiry metadata are embedded inside signed/encrypted
cookies and will not be readable on previous versions of Rails.
We can switch off purpose and expiry metadata embedded in
signed and encrypted cookies using
config.action_dispatch.use_cookies_with_metadata = false
if you want your cookies to be readable on older versions of Rails.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Based on, yet closes https://github.com/rails/rails/pull/30708
Fix the session test by properly truncating the legacy encryption
key for cbc encryption. Borrowed straight from 👆.
Fix the cookies test a little differently than the PR. Basically
keep every config within the config block.
[ Michael Coyne & Kasper Timm Hansen ]
|
| | |
|
| |
|
|
|
|
| |
Both classes now have a rotate method where new instances are added for
each call. When decryption or verification fails the next rotation
instance is tried.
|
| | |
|
| |
|
|
|
| |
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
|
| | |
|
| |
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
| |
|
|
|
| |
- The `boot_rails` method from abstract_unit.rb is empty after 2abcdfd978fdcd491576a237e8c6b.
- So let's remove it and its usage.
|
| | |
|
| | |
|
| |
|
