Support UTF-8 data when using the JSON serializer (#39)

* Replace all instance of 'BINARY' with `Encoding::BINARY`
rack · Jan 4, 2025 · b2ee1bd · b2ee1bd
1 parent 625a83a
commit b2ee1bd
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 5 deletions.
diff --git a/lib/rack/session/encryptor.rb b/lib/rack/session/encryptor.rb
@@ -32,12 +32,12 @@ module Serializable
         def serialize_payload(message)
           serialized_data = serializer.dump(message)
 
-          return "#{[0].pack('v')}#{serialized_data}" if @options[:pad_size].nil?
+          return "#{[0].pack('v')}#{serialized_data.force_encoding(Encoding::BINARY)}" if @options[:pad_size].nil?
 
           padding_bytes = @options[:pad_size] - (2 + serialized_data.size) % @options[:pad_size]
           padding_data = SecureRandom.random_bytes(padding_bytes)
 
-          "#{[padding_bytes].pack('v')}#{padding_data}#{serialized_data}"
+          "#{[padding_bytes].pack('v')}#{padding_data}#{serialized_data.force_encoding(Encoding::BINARY)}"
         end
 
         # Return the deserialized message. The first 2 bytes will be read as the
@@ -103,7 +103,7 @@ def initialize(secret, opts = {})
             serialize_json: false, pad_size: 32, purpose: nil
           }.update(opts)
 
-          @hmac_secret = secret.dup.force_encoding('BINARY')
+          @hmac_secret = secret.dup.force_encoding(Encoding::BINARY)
           @cipher_secret = @hmac_secret.slice!(0, 32)
 
           @hmac_secret.freeze
@@ -250,7 +250,7 @@ def initialize(secret, opts = {})
           }.update(opts)
           @options[:serialize_json] = true # Enforce JSON serialization
 
-          @cipher_secret = secret.dup.force_encoding('BINARY').slice!(0, 32)
+          @cipher_secret = secret.dup.force_encoding(Encoding::BINARY).slice!(0, 32)
           @cipher_secret.freeze
         end
 

diff --git a/test/spec_session_cookie.rb b/test/spec_session_cookie.rb
@@ -212,7 +212,7 @@ def decode(str); @calls << :decode; JSON.parse(str); end
     response.body.must_equal ({"counter"=>1}.to_s)
     identity.calls.must_equal [:encode]
 
-    response = response_for(app: [incrementor, { coder: identity }], :cookie=>response["Set-Cookie"].split(';', 2).first)
+    response_for(app: [incrementor, { coder: identity }], cookie: response["Set-Cookie"].split(';', 2).first)
     identity.calls.must_equal [:encode, :decode, :encode]
   end
 

diff --git a/test/spec_session_encryptor.rb b/test/spec_session_encryptor.rb
@@ -58,6 +58,18 @@ def self.included(_base)
         encryptor.decrypt(message).must_equal({ 'foo' => 'bar' })
       end
 
+      # The V1 encryptor defaults to the Marshal serializer, while the V2
+      # encryptor always uses the JSON serializer. This means that we are
+      # indirectly covering both serializers.
+      it 'decrypts an encrypted message with UTF-8 data' do
+        encryptor = encryptor_class.new(@secret)
+
+        encrypted_message = encryptor.encrypt({ 'foo' => 'bar 😀' })
+        decrypted_message = encryptor.decrypt(encrypted_message)
+
+        decrypted_message.must_equal({ 'foo' => 'bar 😀' })
+      end
+
       it 'decrypts raises InvalidSignature without purpose' do
         encryptor = encryptor_class.new(@secret, purpose: 'testing')
         other_encryptor = encryptor_class.new(@secret)