From b23ffd0dac895aa3fd3afd8d9be36794941731b2 Mon Sep 17 00:00:00 2001 From: Lukasz Sarnacki Date: Fri, 10 Jan 2014 12:57:50 +0100 Subject: Allow session serializer key in config.session_store MessageEncryptor has :serializer option, where any serializer object can be passed. This commit make it possible to set this serializer from configuration level. There are predefined serializers (:marshal_serializer, :json_serialzier) and custom serializer can be passed as String, Symbol (camelized and constantized in ActionDispatch::Session namepspace) or serializer object. Default :json_serializer was also added to generators to provide secure defalt. --- actionpack/test/dispatch/cookies_test.rb | 33 ++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'actionpack/test') diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb index 91ac13e7c6..b19ce905f5 100644 --- a/actionpack/test/dispatch/cookies_test.rb +++ b/actionpack/test/dispatch/cookies_test.rb @@ -379,6 +379,39 @@ class CookiesTest < ActionController::TestCase assert_equal 'bar', cookies.encrypted[:foo] end + class ActionDispatch::Session::CustomJsonSerializer + def self.load(value) + JSON.load(value) + " and loaded" + end + + def self.dump(value) + JSON.dump(value + " was dumped") + end + end + + def test_encrypted_cookie_using_custom_json_serializer + @request.env["action_dispatch.session_serializer"] = :custom_json_serializer + get :set_encrypted_cookie + assert_equal 'bar was dumped and loaded', cookies.encrypted[:foo] + end + + def test_encrypted_cookie_using_serializer_object + @request.env["action_dispatch.session_serializer"] = ActionDispatch::Session::CustomJsonSerializer + get :set_encrypted_cookie + assert_equal 'bar was dumped and loaded', cookies.encrypted[:foo] + end + + def test_encrypted_cookie_using_json_serializer + @request.env["action_dispatch.session_serializer"] = :json_serializer + get :set_encrypted_cookie + cookies = @controller.send :cookies + assert_not_equal 'bar', cookies[:foo] + assert_raises TypeError do + cookies.signed[:foo] + end + assert_equal 'bar', cookies.encrypted[:foo] + end + def test_accessing_nonexistant_encrypted_cookie_should_not_raise_invalid_message get :set_encrypted_cookie assert_nil @controller.send(:cookies).encrypted[:non_existant_attribute] -- cgit v1.2.3