edge badge

Passing the ActiveSupport::MessageEncryptor::NullSerializer downstream to the Message{Encryptor,Verifier} allows us to handle the (de)serialization step within the cookie jar, which gives us the opportunity to detect and migrate legacy cookies.

Methods
N
V
Class Public methods
new(*args)
# File actionpack/lib/action_dispatch/middleware/cookies.rb, line 183
def initialize(*args)
  super
  @legacy_verifier = ActiveSupport::MessageVerifier.new(@options[:secret_token], serializer: ActiveSupport::MessageEncryptor::NullSerializer)
end
Instance Public methods
verify_and_upgrade_legacy_signed_message(name, signed_message)
# File actionpack/lib/action_dispatch/middleware/cookies.rb, line 188
def verify_and_upgrade_legacy_signed_message(name, signed_message)
  deserialize(name, @legacy_verifier.verify(signed_message)).tap do |value|
    self[name] = { value: value }
  end
rescue ActiveSupport::MessageVerifier::InvalidSignature
  nil
end