How to decode a cookie from the header of a websocket connection handshake? (Ruby)


Problem description



I am running a Sinatra app within an EventMachine.run loop and in my ws.onopen method I wish to check the handshake header's cookie to ensure that the incoming request is coming from a registered user of my webapp.

My Sinatra app includes the following:

use Rack::Session::Cookie,  :key => COOKIE_KEY,
                            :path => '/',
                            :expire_after => 2592000, #30 days
                            :secret => COOKIE_SECRET

and my ws.onopen method looks like this (trimmed)

ws.onopen { |handshake|
  cookie, bakesale = handshake.headers['Cookie'].split('=')
  rack_cookie = Rack::Session::Cookie.new(MyApp, {
    :key => COOKIE_KEY,
    :path => '/',
    :expire_after => 2592000, #30 days
    :secret => COOKIE_SECRET
  })
  decoded = rack_cookie.coder.decode(bakesale)
  puts "decoded: #{decoded}"

}

The value of cookie matches my COOKIE_KEY just fine, however the value of decoded is nil

How should I decode the incoming cookie data?

-- some time later --

I've changed the above slightly to

ws.onopen { |handshake|
  cookie, bakesale = handshake.headers['Cookie'].split('=')
  rack_cookie = Rack::Session::Cookie.new(MyApp, {
    :key => COOKIE_KEY,
    :path => '/',
    :expire_after => 2592000, #30 days
    :secret => COOKIE_SECRET,
    :coder => Rack::Session::Cookie::Base64.new
  })

  puts rack_cookie.coder.decode(bakesale)

}

and that outputs

?q?[?????ov??????to?Z???294cb6e2b95e9?##v3???#c&F3#SC?CSC#CSs?c3sSCCs?cCm;FI"__FLASH__;F{I" user;FU:Moped::BSO?㣤?&?V7D?B!

which looks like it needs marshalling.

However Marshal.load(rack_cookie.coder.decode(bakesale)) throws an exception, saying dump format error for symbol(0x10)

-- and even more time later --

I also tried rack_cookie.coder.decode(bakesale.split('--').first)

which resulted in

??H?d????=?d:ETI"E7ce599b294cb6e2b95e9?##v3???#c&F3#SC?CSC#CSs?c3sSCCs?cCm;FI"__FLASH__;F{I" user;FU:Moped::BSO?㣤?&?V7D?B!

So as you can see, there is a minor difference, but either way I need to somehow turn that into a valid hash.

Marshal.load(rack_cookie.coder.decode(bakesale.split('--').first)) still results in dump format error for symbol(0x10) either way.

So I feel I'm closer, but no cigar as yet.

Solution

The answer is to use Rack::Utils.unencode.

I now have this working

Marshal.load(rack_cookie.coder.decode(Rack::Utils.unescape(bakesale.split('--').first))) decodes perfectly to the hash I need, allowing me to extract the user ID. W00t!

Many thanks to User spastorino over at https://github.com/rack/rack/issues/551 for pointing me in the right direction.
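
The working one-liner above keeps only the part before `--` and unmarshals it; the part after `--` is the cookie's signature, and the handshake can only be trusted as coming from a registered user if that signature is checked before `Marshal.load` runs. The following is an added example, not the poster's code or Rack's own: it assumes the `base64(Marshal.dump(session))--hex HMAC-SHA1` layout used by Rack::Session::Cookie in Rack 1.x/2.x, uses only the standard library, and `verified_session`, `sign_session`, `EXAMPLE_KEY` and `EXAMPLE_SECRET` are hypothetical names with constructed values.

```ruby
require 'openssl'
require 'uri'

# Constructed values for this example (not taken from the page).
EXAMPLE_KEY    = 'rack.session'
EXAMPLE_SECRET = 'constructed-example-secret'

# Hex HMAC-SHA1 over the encoded session data (assumed Rack 1.x/2.x scheme).
def hmac_hex(data, secret)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA1'), secret, data)
end

# Builds a signed, URL-escaped cookie value in the assumed layout.
# Only used here to produce sample input.
def sign_session(session, secret)
  data = [Marshal.dump(session)].pack('m')
  URI.encode_www_form_component("#{data}--#{hmac_hex(data, secret)}")
end

# Returns the session hash, or nil when the cookie is missing, malformed,
# or its signature does not match.
def verified_session(cookie_header, key, secret)
  return nil if cookie_header.nil?

  # The header may carry several cookies; split each pair on the first '=' only.
  pairs = cookie_header.split(/;\s*/).map { |kv| kv.split('=', 2) }
  _, raw = pairs.find { |name, _| name == key }
  return nil if raw.nil?

  value = URI.decode_www_form_component(raw)   # undo the cookie's URL escaping
  data, _, digest = value.rpartition('--')
  return nil if data.empty? || digest.empty?

  # Constant-time comparison of the expected and supplied signatures.
  return nil unless OpenSSL.secure_compare(hmac_hex(data, secret), digest)

  Marshal.load(data.unpack1('m'))   # only reached for authenticated data
rescue ArgumentError, TypeError
  nil
end
```

In `ws.onopen`, the connection would be closed whenever `verified_session(handshake.headers['Cookie'], COOKIE_KEY, COOKIE_SECRET)` returns nil.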
