Uploaded image for project: 'TorqueBox'
  1. TorqueBox
  2. TORQUE-1196

Torquebox store throws errors when it receives NullSessionHash

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: 3.0.1, 3.0.2
    • Fix Version/s: 3.1.1
    • Component/s: Rails
    • Labels:

      Description

      When using Rails' >= 4 CSRF protection, the default setting for protect_from_forgery is now :null_session. Under this configuration, if a form submission includes an invalid authenticity token, a ActionController::RequestForgeryProtection::ProtectionMethods::NullSession::NullSessionHash object will be returned. I then get the following exception reported:

      NoMethodError: undefined method `delete_if' for {}:ActionController::RequestForgeryProtection::ProtectionMethods::NullSession::NullSessionHash
      

      Backtrace:

      /gems/torquebox-web-3.0.1-java/lib/torquebox/session/servlet_store.rb:103 in "store_session_data"
      /gems/torquebox-web-3.0.1-java/lib/torquebox/session/servlet_store.rb:69 in "commit_session"
      /gems/torquebox-web-3.0.1-java/lib/torquebox/session/servlet_store.rb:48 in "call"
      /gems/actionpack-4.0.2/lib/action_dispatch/middleware/cookies.rb:486 in "call"
      /gems/activerecord-4.0.2/lib/active_record/query_cache.rb:36 in "call"
      /gems/activerecord-4.0.2/lib/active_record/connection_adapters/abstract/connection_pool.rb:626 in "call"
      /gems/actionpack-4.0.2/lib/action_dispatch/middleware/callbacks.rb:29 in "call"
      /gems/activesupport-4.0.2/lib/active_support/callbacks.rb:376 in "_run__1924753238__call__callbacks"
      /gems/activesupport-4.0.2/lib/active_support/callbacks.rb:80 in "run_callbacks"
      /gems/actionpack-4.0.2/lib/action_dispatch/middleware/callbacks.rb:27 in "call"
      /gems/actionpack-4.0.2/lib/action_dispatch/middleware/remote_ip.rb:76 in "call"
      /gems/actionpack-4.0.2/lib/action_dispatch/middleware/debug_exceptions.rb:17 in "call"
      /gems/actionpack-4.0.2/lib/action_dispatch/middleware/show_exceptions.rb:30 in "call"
      /gems/railties-4.0.2/lib/rails/rack/logger.rb:38 in "call_app"
      /gems/railties-4.0.2/lib/rails/rack/logger.rb:20 in "call"
      /gems/activesupport-4.0.2/lib/active_support/tagged_logging.rb:67 in "tagged"
      /gems/activesupport-4.0.2/lib/active_support/tagged_logging.rb:25 in "tagged"
      /gems/activesupport-4.0.2/lib/active_support/tagged_logging.rb:67 in "tagged"
      /gems/railties-4.0.2/lib/rails/rack/logger.rb:20 in "call"
      /gems/actionpack-4.0.2/lib/action_dispatch/middleware/request_id.rb:21 in "call"
      /gems/rack-1.5.2/lib/rack/methodoverride.rb:21 in "call"
      /gems/rack-1.5.2/lib/rack/runtime.rb:17 in "call"
      /gems/rack-1.5.2/lib/rack/sendfile.rb:112 in "call"
      /gems/actionpack-4.0.2/lib/action_dispatch/middleware/ssl.rb:24 in "call"
      /gems/railties-4.0.2/lib/rails/engine.rb:511 in "call"
      /gems/railties-4.0.2/lib/rails/application.rb:97 in "call"
      /gems/railties-4.0.2/lib/rails/railtie/configurable.rb:30 in "method_missing"
      

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                benbrowning Ben Browning
                Reporter:
                jmcnevin Jeremy McNevin
              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: