From d3e62fc57ce3a0a1df62359f53d217d434c2d2e6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Valim?= <jose.valim@gmail.com>
Date: Tue, 18 May 2010 17:45:05 +0200
Subject: Avoid creating a Rack::Response object in the cookie middleware since
 it may stream the body.

---
 .../lib/action_dispatch/middleware/cookies.rb      | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

(limited to 'actionpack/lib/action_dispatch')

diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
index 1e49a307ed..87e8dd5010 100644
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -52,12 +52,15 @@ module ActionDispatch
   # * <tt>:httponly</tt> - Whether this cookie is accessible via scripting or
   #   only HTTP. Defaults to +false+.
   class Cookies
+    HTTP_HEADER = "Set-Cookie".freeze
+    TOKEN_KEY   = "action_dispatch.secret_token".freeze
+
     # Raised when storing more than 4K of session data.
     class CookieOverflow < StandardError; end
 
     class CookieJar < Hash #:nodoc:
       def self.build(request)
-        secret = request.env["action_dispatch.secret_token"]
+        secret = request.env[TOKEN_KEY]
         new(secret).tap do |hash|
           hash.update(request.cookies)
         end
@@ -137,9 +140,9 @@ module ActionDispatch
         @signed ||= SignedCookieJar.new(self, @secret)
       end
 
-      def write(response)
-        @set_cookies.each { |k, v| response.set_cookie(k, v) }
-        @delete_cookies.each { |k, v| response.delete_cookie(k, v) }
+      def write(headers)
+        @set_cookies.each { |k, v| ::Rack::Utils.set_cookie_header!(headers, k, v) }
+        @delete_cookies.each { |k, v| ::Rack::Utils.delete_cookie_header!(headers, k, v) }
       end
     end
 
@@ -232,12 +235,13 @@ module ActionDispatch
       status, headers, body = @app.call(env)
 
       if cookie_jar = env['action_dispatch.cookies']
-        response = Rack::Response.new(body, status, headers)
-        cookie_jar.write(response)
-        response.to_a
-      else
-        [status, headers, body]
+        cookie_jar.write(headers)
+        if headers[HTTP_HEADER].respond_to?(:join)
+          headers[HTTP_HEADER] = headers[HTTP_HEADER].join("\n")
+        end
       end
+
+      [status, headers, body]
     end
   end
 end
-- 
cgit v1.2.3