From 97467e3ca765f7a2f6cec8924ec2aa466c712c33 Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Mon, 6 Aug 2018 22:39:35 -1000 Subject: [PATCH] disable serialization for all cookies --- .../Cookie/Middleware/EncryptCookies.php | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/src/Illuminate/Cookie/Middleware/EncryptCookies.php b/src/Illuminate/Cookie/Middleware/EncryptCookies.php index 0989f7b12d4a..c9f94a28eff3 100644 --- a/src/Illuminate/Cookie/Middleware/EncryptCookies.php +++ b/src/Illuminate/Cookie/Middleware/EncryptCookies.php @@ -25,15 +25,6 @@ class EncryptCookies */ protected $except = []; - /** - * The cookies that should not be serialized. - * - * @var array - */ - protected $serialization = [ - 'XSRF-TOKEN' => false, - ]; - /** * Create a new CookieGuard instance. * @@ -43,8 +34,6 @@ class EncryptCookies public function __construct(EncrypterContract $encrypter) { $this->encrypter = $encrypter; - - $this->serialization[config('session.cookie')] = false; } /** @@ -104,7 +93,7 @@ protected function decryptCookie($name, $cookie) { return is_array($cookie) ? $this->decryptArray($cookie) - : $this->encrypter->decrypt($cookie, $this->serialization[$name] ?? true); + : $this->encrypter->decrypt($cookie, false); } /** @@ -119,7 +108,7 @@ protected function decryptArray(array $cookie) foreach ($cookie as $key => $value) { if (is_string($value)) { - $decrypted[$key] = $this->encrypter->decrypt($value, $this->serialization[$key] ?? true); + $decrypted[$key] = $this->encrypter->decrypt($value, false); } } @@ -139,10 +128,8 @@ protected function encrypt(Response $response) continue; } - $serialize = $this->serialization[$cookie->getName()] ?? true; - $response->headers->setCookie($this->duplicate( - $cookie, $this->encrypter->encrypt($cookie->getValue(), $serialize) + $cookie, $this->encrypter->encrypt($cookie->getValue(), false) )); }