
Commit caccb4b

committed
Fix args to Cookie and wrap with base64
1 parent e5d5ce8 commit caccb4b


1 file changed

+20
-10
lines changed

1 file changed

+20
-10
lines changed

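--- a/app.psgi
+++ b/app.psgi
@@ -17,8 +17,9 @@ BEGIN {
 use Config::JFDI;
 use FindBin;
 use lib "$FindBin::RealBin/lib";
-use File::Path ();
-use JSON qw( encode_json decode_json );
+use File::Path ();
+use JSON ();
+use MIME::Base64 ();
 use MetaCPAN::Web;
 use Plack::Builder;
 use Plack::App::File;
@@ -31,6 +32,7 @@ use Plack::Middleware::ReverseProxy;
 use Plack::Middleware::Session::Cookie;
 use Plack::Middleware::ServerStatus::Lite;
 use Plack::Session::Store::File;
+use Try::Tiny;
 
 # explicitly call ->to_app on every Plack::App::* for performance
 my $app = Plack::App::URLMap->new;
@@ -65,9 +67,6 @@ my $app = Plack::App::URLMap->new;
 
 die 'cookie_secret not configured' unless $config->get->{cookie_secret};
 
-my $storage_path = "$path/var/tmp/cookies";
-maybe_make_path($storage_path);
-
 # Add session cookie here only
 $core_app = Plack::Middleware::Session::Cookie->wrap(
 $core_app,
@@ -76,11 +75,22 @@ my $app = Plack::App::URLMap->new;
 secure => ( ( $ENV{PLACK_ENV} || q[] ) ne 'development' ),
 httponly => 1,
 secret => $config->get->{cookie_secret},
-store => Plack::Session::Store::File->new(
-dir => $storage_path,
-serializer => sub { encode_json(@_) },
-deserializer => sub { decode_json(@_) },
-),
+serializer => sub {
+
+# Pass $_[0] since the json subs may have a ($) protoype.
+# Pass '' to base64 for a blank separator (instead of newlines).
+MIME::Base64::encode( JSON::encode_json( $_[0] ), q[] );
+},
+deserializer => sub {
+
+# Use try/catch so JSON doesn't barf if the cookie is bad.
+try {
+JSON::decode_json( MIME::Base64::decode( $_[0] ) )
+}
+
+# No session.
+catch { +{}; };
+},
 );
 
 $app->map( q[/] => $core_app );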
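Review bot: The new `deserializer` in the last hunk returns whatever `JSON::decode_json` produces and silently maps every failure to an empty session, so a decoded value that is not a hash reference would be handed on as session data, and decode failures leave no trace for anyone watching for tampered or stale cookies. As defence in depth I would check the type and log a fixed message (not `$_`, which can quote cookie content): `my $data = try { JSON::decode_json( MIME::Base64::decode( $_[0] ) ) } catch { warn "session cookie failed to decode\n"; undef };` followed by `return ref $data eq 'HASH' ? $data : {};`. With the `Plack::Session::Store::File` store removed, session contents now appear to travel in the cookie itself, and base64 is an encoding rather than encryption, so a comment above `serializer` such as `# Cookie is signed with cookie_secret but readable by the client: keep secrets out of the session.` would help, assuming the middleware only signs the value. `use Plack::Session::Store::File;` in the second hunk looks unused after this change.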
