Remove Rack::Protection::EncryptedCookie (#1989)

The rack-session gem has equivalent functionality. Close #1945
sinatra · Jan 15, 2024 · 9c14764 · 9c14764
1 parent 667056c
commit 9c14764
Show file tree

Hide file tree

Showing 14 changed files with 37 additions and 974 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -11,16 +11,14 @@ permissions:
 
 jobs:
   rack-protection:
-    name: rack-protection (${{ matrix.ruby }}, rack ${{ matrix.rack }}, rack-session ${{ matrix.rack_session }})
+    name: rack-protection (${{ matrix.ruby }}, rack ${{ matrix.rack }})
     runs-on: ubuntu-latest
     timeout-minutes: 5
     strategy:
       fail-fast: false
       matrix:
         rack:
           - stable
-        rack_session:
-          - stable
         ruby:
           - "2.6"
           - "2.7"
@@ -32,10 +30,9 @@ jobs:
           - "truffleruby"
         include:
           # Rack
-          - { ruby: 3.2,       rack: head,   rack_session: stable }
-          - { ruby: 3.2,       rack: stable, rack_session: head }
-          # https://github.com/sinatra/sinatra/issues/1988
-          - { ruby: ruby-head, rack: stable, rack_session: stable, allow-failure: true }
+          - { ruby: 3.2, rack: head }
+          # Never fail our build due to problems with head
+          - { ruby: ruby-head, rack: stable, allow-failure: true }
     env:
       rack: ${{ matrix.rack }}
     steps:
@@ -65,7 +62,7 @@ jobs:
         github-token: ${{ secrets.GITHUB_TOKEN }}
         webhook: ${{ secrets.DISCORD_WEBHOOK }}
   sinatra:
-    name: ${{ matrix.ruby }} (Rack ${{ matrix.rack }}, Puma ${{ matrix.puma }}, Tilt ${{ matrix.tilt }})
+    name: ${{ matrix.ruby }} (Rack ${{ matrix.rack }}, Rack::Session ${{ matrix.rack_session }}, Puma ${{ matrix.puma }}, Tilt ${{ matrix.tilt }})
     runs-on: ubuntu-latest
     timeout-minutes: 15
     strategy:
@@ -75,23 +72,28 @@ jobs:
           - stable
         rack:
           - stable
+        rack_session:
+          - stable
         tilt:
           - stable
         # Due to https://github.com/actions/runner/issues/849, we have to use quotes for '3.0'
         ruby: [2.6, 2.7, '3.0', 3.1, 3.2, 3.3, jruby, truffleruby]
         include:
           # Rack
-          - { ruby: 3.2, rack: head,   puma: stable,   tilt: stable, allow-failure: true }
+          - { ruby: 3.2, rack: head,   puma: stable,   tilt: stable, rack_session: stable, allow-failure: true }
+          # Rack::Session
+          - { ruby: 3.2, rack: stable, puma: stable,   tilt: stable, rack_session: head,   allow-failure: true }
           # Puma
-          - { ruby: 3.2, rack: stable, puma: head,     tilt: stable, allow-failure: true }
+          - { ruby: 3.2, rack: stable, puma: head,     tilt: stable, rack_session: stable, allow-failure: true }
           # Tilt
-          - { ruby: 3.2, rack: stable, puma: stable,   tilt: head, allow-failure: true }
+          - { ruby: 3.2, rack: stable, puma: stable,   tilt: head,   rack_session: stable, allow-failure: true }
           # Never fail our build due to problems with head
-          - { ruby: ruby-head,        rack: stable, puma: stable, tilt: stable, allow-failure: true }
-          - { ruby: jruby-head,       rack: stable, puma: stable, tilt: stable, allow-failure: true }
-          - { ruby: truffleruby-head, rack: stable, puma: stable, tilt: stable, allow-failure: true }
+          - { ruby: ruby-head,        rack: stable, puma: stable, tilt: stable, rack_session: stable, allow-failure: true }
+          - { ruby: jruby-head,       rack: stable, puma: stable, tilt: stable, rack_session: stable, allow-failure: true }
+          - { ruby: truffleruby-head, rack: stable, puma: stable, tilt: stable, rack_session: stable, allow-failure: true }
     env:
       rack: ${{ matrix.rack }}
+      rack_session: ${{ matrix.rack_session }}
       puma: ${{ matrix.puma }}
       tilt: ${{ matrix.tilt }}
 

diff --git a/Gemfile b/Gemfile
@@ -9,6 +9,12 @@ rack_version = ENV['rack'].to_s
 rack_version = nil if rack_version.empty? || (rack_version == 'stable')
 rack_version = { github: 'rack/rack' } if rack_version == 'head'
 gem 'rack', rack_version
+
+rack_session_version = ENV['rack_session'].to_s
+rack_session_version = nil if rack_session_version.empty? || (rack_session_version == 'stable')
+rack_session_version = { github: 'rack/rack-session' } if rack_session_version == 'head'
+gem 'rack-session', rack_session_version
+
 gem 'rackup'
 
 puma_version = ENV['puma'].to_s

diff --git a/lib/sinatra/base.rb b/lib/sinatra/base.rb
@@ -8,6 +8,7 @@
 end
 require 'tilt'
 require 'rack/protection'
+require 'rack/session'
 require 'mustermann'
 require 'mustermann/sinatra'
 require 'mustermann/regular'
@@ -1929,7 +1930,7 @@ def force_encoding(*args)
     set :dump_errors, proc { !test? }
     set :show_exceptions, proc { development? }
     set :sessions, false
-    set :session_store, Rack::Protection::EncryptedCookie
+    set :session_store, Rack::Session::Cookie
     set :logging, false
     set :protection, true
     set :method_override, false

diff --git a/rack-protection/Gemfile b/rack-protection/Gemfile
@@ -11,8 +11,3 @@ rack_version = ENV['rack'].to_s
 rack_version = nil if rack_version.empty? || (rack_version == 'stable')
 rack_version = { github: 'rack/rack' } if rack_version == 'head'
 gem 'rack', rack_version
-
-rack_session_version = ENV['rack_session'].to_s
-rack_session_version = nil if rack_session_version.empty? || (rack_session_version == 'stable')
-rack_session_version = { github: 'rack/rack-session' } if rack_session_version == 'head'
-gem 'rack-session', rack_session_version
diff --git a/rack-protection/lib/rack/protection.rb b/rack-protection/lib/rack/protection.rb
@@ -2,16 +2,13 @@
 
 require 'rack/protection/version'
 require 'rack'
-require 'rack/session'
 
 module Rack
   module Protection
     autoload :AuthenticityToken,     'rack/protection/authenticity_token'
     autoload :Base,                  'rack/protection/base'
     autoload :CookieTossing,         'rack/protection/cookie_tossing'
     autoload :ContentSecurityPolicy, 'rack/protection/content_security_policy'
-    autoload :Encryptor,             'rack/protection/encryptor'
-    autoload :EncryptedCookie,       'rack/protection/encrypted_cookie'
     autoload :EscapedParams,         'rack/protection/escaped_params'
     autoload :FormToken,             'rack/protection/form_token'
     autoload :FrameOptions,          'rack/protection/frame_options'

diff --git a/rack-protection/lib/rack/protection/authenticity_token.rb b/rack-protection/lib/rack/protection/authenticity_token.rb
@@ -51,6 +51,7 @@ module Protection
     # Here is <tt>server.rb</tt>:
     #
     #   require 'rack/protection'
+    #   require 'rack/session'
     #
     #   app = Rack::Builder.app do
     #     use Rack::Session::Cookie, secret: 'secret'