From 767acf6acbb244114719c1075e29a048c2f023ca Mon Sep 17 00:00:00 2001 From: Ryuta Kamizono Date: Tue, 30 Mar 2021 15:31:48 +0900 Subject: [PATCH] Fix "Exception: ActionView::Template::Error: wrong number of arguments (2 for 1)" correctly The compatibility issue #41783 is caused by 08edf16 and abd27d5 to fix the wrong number of arguments error which is caused by d124f19 (Ruby 2.2 doesn't have `Base64.urlsafe_encode64(..., padding: false)` option). https://buildkite.com/rails/rails/builds/69289#5fba2577-5872-446a-af47-27c188850924/911-919 When I was fixing this error, I accidentally introduced a part of #18496 to 5-2-stable because I referred to the code in the master branch, and the new error occurred. https://buildkite.com/rails/rails/builds/69290#95836b97-b446-4d41-a3a5-a1da2149bad3/911-1095 In that time, I wasn't sure why the new error occurred. Since I supposed the master branch is correct, I fixed the failure tests one by one, referred to the test code in the master branch. As a result, #18496 was introduced to 5-2-stable without cf3736d. I've reverted 08edf16 and abd27d5 since the incompatible change was unintentional, and I've made correct fix for the wrong number of arguments error. --- .../action_controller/metal/request_forgery_protection.rb | 5 ----- 1 file changed, 5 deletions(-) diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb index a64905e328cf5..fdefa8b700f24 100644 --- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb @@ -321,11 +321,6 @@ def masked_authenticity_token(session, form_options: {}) # :doc: global_csrf_token(session) end - one_time_pad = SecureRandom.random_bytes(AUTHENTICITY_TOKEN_LENGTH) - encrypted_csrf_token = xor_byte_strings(one_time_pad, raw_token) - masked_token = one_time_pad + encrypted_csrf_token - Base64.urlsafe_encode64(masked_token, padding: false) - mask_token(raw_token) end