Class: Rack::Session::Cookie
Overview
Monkey patch Rack’s cookie management to fix a nil error
Instance Method Summary collapse
Instance Method Details
#unpacked_cookie_data(env) ⇒ Object
56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
# File 'lib/arachni/ui/web/server.rb', line 56 def (env) env["rack.session.unpacked_cookie_data"] ||= begin request = Rack::Request.new(env) session_data = request.[@key] if @secret && session_data session_data, digest = session_data.split("--") unless digest == generate_hmac(session_data, @secret) # Clear the session data if secret doesn't match and old secret doesn't match session_data = nil if (@old_secret.nil? || (digest != generate_hmac(session_data, @old_secret))) end end coder.decode(session_data) || {} end end |