From d36cfa2231dba9ebf3bc6900b136b205c4b51af1 Mon Sep 17 00:00:00 2001 From: Neeraj Singh Date: Mon, 25 Mar 2013 09:40:57 -0400 Subject: if cookie is tampered with then nil is returned [ci skip] if the given key is not found then verifier does raise `ActiveSupport::MessageVerifier::InvalidSignature` exception but this exception is resuced and finally nil is returned. --- actionpack/lib/action_dispatch/middleware/cookies.rb | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'actionpack/lib') diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 968a6c539e..f21d1d4ee5 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -115,8 +115,7 @@ module ActionDispatch # Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from # the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed - # cookie was tampered with by the user (or a 3rd party), an ActiveSupport::MessageVerifier::InvalidSignature exception will - # be raised. + # cookie was tampered with by the user (or a 3rd party), nil will be returned. # # This jar requires that you set a suitable secret for the verification on your app's +config.secret_key_base+. # @@ -142,8 +141,7 @@ module ActionDispatch end # Returns a jar that'll automatically encrypt cookie values before sending them to the client and will decrypt them for read. - # If the cookie was tampered with by the user (or a 3rd party), an ActiveSupport::MessageVerifier::InvalidSignature exception - # will be raised. + # If the cookie was tampered with by the user (or a 3rd party), nil will be returned. # # This jar requires that you set a suitable secret for the verification on your app's +config.secret_key_base+. # -- cgit v1.2.3