Rails 2.1 RC1

Updated Instiki to Rails 2.1 RC1 (aka 2.0.991).

vendor/rails/actionpack/lib/action_controller/session/active_record_store.rb

@@ -1,7 +1,6 @@
 require 'cgi'
 require 'cgi/session'
 require 'digest/md5'
-require 'base64'
 
 class CGI
   class Session
@@ -14,7 +13,7 @@ class CGI
 
 
     # A session store backed by an Active Record class.  A default class is
-    # provided, but any object duck-typing to an Active Record +Session+ class
+    # provided, but any object duck-typing to an Active Record Session class
     # with text +session_id+ and +data+ attributes is sufficient.
     #
     # The default assumes a +sessions+ tables with columns:
@@ -27,13 +26,13 @@ class CGI
     # ActionController::SessionOverflowError will be raised.
     #
     # You may configure the table name, primary key, and data column.
-    # For example, at the end of config/environment.rb:
+    # For example, at the end of <tt>config/environment.rb</tt>:
     #   CGI::Session::ActiveRecordStore::Session.table_name = 'legacy_session_table'
     #   CGI::Session::ActiveRecordStore::Session.primary_key = 'session_id'
     #   CGI::Session::ActiveRecordStore::Session.data_column_name = 'legacy_session_data'
-    # Note that setting the primary key to the session_id frees you from
-    # having a separate id column if you don't want it.  However, you must
-    # set session.model.id = session.session_id by hand!  A before_filter
+    # Note that setting the primary key to the +session_id+ frees you from
+    # having a separate +id+ column if you don't want it.  However, you must
+    # set <tt>session.model.id = session.session_id</tt> by hand!  A before filter
     # on ApplicationController is a good place.
     #
     # Since the default class is a simple Active Record, you get timestamps
@@ -43,7 +42,7 @@ class CGI
     # You may provide your own session class implementation, whether a
     # feature-packed Active Record or a bare-metal high-performance SQL
     # store, by setting
-    #   +CGI::Session::ActiveRecordStore.session_class = MySessionClass+
+    #   CGI::Session::ActiveRecordStore.session_class = MySessionClass
     # You must implement these methods:
     #   self.find_by_session_id(session_id)
     #   initialize(hash_of_session_id_and_data)
@@ -80,8 +79,8 @@ class CGI
             find_by_session_id(session_id)
           end
 
-          def marshal(data)   Base64.encode64(Marshal.dump(data)) if data end
-          def unmarshal(data) Marshal.load(Base64.decode64(data)) if data end
+          def marshal(data)   ActiveSupport::Base64.encode64(Marshal.dump(data)) if data end
+          def unmarshal(data) Marshal.load(ActiveSupport::Base64.decode64(data)) if data end
 
           def create_table!
             connection.execute <<-end_sql
@@ -155,8 +154,13 @@ class CGI
       # The database connection, table name, and session id and data columns
       # are configurable class attributes.  Marshaling and unmarshaling
       # are implemented as class methods that you may override.  By default,
-      # marshaling data is +Base64.encode64(Marshal.dump(data))+ and
-      # unmarshaling data is +Marshal.load(Base64.decode64(data))+.
+      # marshaling data is
+      #
+      #   ActiveSupport::Base64.encode64(Marshal.dump(data))
+      #
+      # and unmarshaling data is
+      #
+      #   Marshal.load(ActiveSupport::Base64.decode64(data))
       #
       # This marshaling behavior is intended to store the widest range of
       # binary session data in a +text+ column.  For higher performance,
@@ -190,8 +194,8 @@ class CGI
             end
           end
 
-          def marshal(data)   Base64.encode64(Marshal.dump(data)) if data end
-          def unmarshal(data) Marshal.load(Base64.decode64(data)) if data end
+          def marshal(data)   ActiveSupport::Base64.encode64(Marshal.dump(data)) if data end
+          def unmarshal(data) Marshal.load(ActiveSupport::Base64.decode64(data)) if data end
 
           def create_table!
             @@connection.execute <<-end_sql
@@ -333,4 +337,4 @@ class CGI
         end
     end
   end
-end
+end

vendor/rails/actionpack/lib/action_controller/session/cookie_store.rb

@@ -1,6 +1,5 @@
 require 'cgi'
 require 'cgi/session'
-require 'base64'        # to convert Marshal.dump to ASCII
 require 'openssl'       # to generate the HMAC message digest
 
 # This cookie-based session store is the Rails default. Sessions typically
@@ -15,27 +14,27 @@ require 'openssl'       # to generate the HMAC message digest
 # TamperedWithCookie is raised if the data integrity check fails.
 #
 # A message digest is included with the cookie to ensure data integrity:
-# a user cannot alter his user_id without knowing the secret key included in
+# a user cannot alter his +user_id+ without knowing the secret key included in
 # the hash. New apps are generated with a pregenerated secret in
 # config/environment.rb. Set your own for old apps you're upgrading.
 #
 # Session options:
-#   :secret   An application-wide key string or block returning a string
-#             called per generated digest. The block is called with the
-#             CGI::Session instance as an argument. It's important that the
-#             secret is not vulnerable to a dictionary attack. Therefore,
-#             you should choose a secret consisting of random numbers and
-#             letters and more than 30 characters.
 #
-#             Example:  :secret => '449fe2e7daee471bffae2fd8dc02313d'
-#                       :secret => Proc.new { User.current_user.secret_key }
+# * <tt>:secret</tt>: An application-wide key string or block returning a string
+#   called per generated digest. The block is called with the CGI::Session
+#   instance as an argument. It's important that the secret is not vulnerable to
+#   a dictionary attack. Therefore, you should choose a secret consisting of
+#   random numbers and letters and more than 30 characters. Examples:
 #
-#   :digest   The message digest algorithm used to verify session integrity
-#             defaults to 'SHA1' but may be any digest provided by OpenSSL,
-#             such as 'MD5', 'RIPEMD160', 'SHA256', etc.
+#     :secret => '449fe2e7daee471bffae2fd8dc02313d'
+#     :secret => Proc.new { User.current_user.secret_key }
+#
+# * <tt>:digest</tt>: The message digest algorithm used to verify session
+#   integrity defaults to 'SHA1' but may be any digest provided by OpenSSL,
+#   such as 'MD5', 'RIPEMD160', 'SHA256', etc.
 #
 # To generate a secret key for an existing application, run
-# `rake secret` and set the key in config/environment.rb
+# `rake secret` and set the key in config/environment.rb.
 #
 # Note that changing digest or secret invalidates all existing sessions!
 class CGI::Session::CookieStore
@@ -118,7 +117,7 @@ class CGI::Session::CookieStore
   def delete
     @data = nil
     clear_old_cookie_value
-    write_cookie('value' => '', 'expires' => 1.year.ago)
+    write_cookie('value' => nil, 'expires' => 1.year.ago)
   end
 
   # Generate the HMAC keyed message digest. Uses SHA1 by default.
@@ -130,7 +129,7 @@ class CGI::Session::CookieStore
   private
     # Marshal a session hash into safe cookie data. Include an integrity hash.
     def marshal(session)
-      data = Base64.encode64(Marshal.dump(session)).chop
+      data = ActiveSupport::Base64.encode64(Marshal.dump(session)).chop
       CGI.escape "#{data}--#{generate_digest(data)}"
     end
 
@@ -142,7 +141,7 @@ class CGI::Session::CookieStore
           delete
           raise TamperedWithCookie
         end
-        Marshal.load(Base64.decode64(data))
+        Marshal.load(ActiveSupport::Base64.decode64(data))
       end
     end