disable serialization for all cookies

taylorotwell · taylorotwell · commit 97467e3ca765 · 2018-08-06T22:39:35.000-10:00
diff --git a/src/Illuminate/Cookie/Middleware/EncryptCookies.php b/src/Illuminate/Cookie/Middleware/EncryptCookies.php
@@ -25,15 +25,6 @@ class EncryptCookies
      */
     protected $except = [];
 
-    /**
-     * The cookies that should not be serialized.
-     *
-     * @var array
-     */
-    protected $serialization = [
-        'XSRF-TOKEN' => false,
-    ];
-
     /**
      * Create a new CookieGuard instance.
      *
@@ -43,8 +34,6 @@ class EncryptCookies
     public function __construct(EncrypterContract $encrypter)
     {
         $this->encrypter = $encrypter;
-
-        $this->serialization[config('session.cookie')] = false;
     }
 
     /**
@@ -104,7 +93,7 @@ protected function decryptCookie($name, $cookie)
     {
         return is_array($cookie)
                         ? $this->decryptArray($cookie)
-                        : $this->encrypter->decrypt($cookie, $this->serialization[$name] ?? true);
+                        : $this->encrypter->decrypt($cookie, false);
     }
 
     /**
@@ -119,7 +108,7 @@ protected function decryptArray(array $cookie)
 
         foreach ($cookie as $key => $value) {
             if (is_string($value)) {
-                $decrypted[$key] = $this->encrypter->decrypt($value, $this->serialization[$key] ?? true);
+                $decrypted[$key] = $this->encrypter->decrypt($value, false);
             }
         }
 
@@ -139,10 +128,8 @@ protected function encrypt(Response $response)
                 continue;
             }
 
-            $serialize = $this->serialization[$cookie->getName()] ?? true;
-
             $response->headers->setCookie($this->duplicate(
-                $cookie, $this->encrypter->encrypt($cookie->getValue(), $serialize)
+                $cookie, $this->encrypter->encrypt($cookie->getValue(), false)
             ));
         }
 

Original file line number	Diff line number	Diff line change
`@@ -25,15 +25,6 @@ class EncryptCookies`
`25`	`25`	`*/`
`26`	`26`	`protected $except = [];`
`27`	`27`
`28`		`- /**`
`29`		`- * The cookies that should not be serialized.`
`30`		`- *`
`31`		`- * @var array`
`32`		`- */`
`33`		`- protected $serialization = [`
`34`		`- 'XSRF-TOKEN' => false,`
`35`		`- ];`
`36`		`-`
`37`	`28`	`/**`
`38`	`29`	`* Create a new CookieGuard instance.`
`39`	`30`	`*`
`@@ -43,8 +34,6 @@ class EncryptCookies`
`43`	`34`	`public function __construct(EncrypterContract $encrypter)`
`44`	`35`	`{`
`45`	`36`	`$this->encrypter = $encrypter;`
`46`		`-`
`47`		`- $this->serialization[config('session.cookie')] = false;`
`48`	`37`	`}`
`49`	`38`
`50`	`39`	`/**`
`@@ -104,7 +93,7 @@ protected function decryptCookie($name, $cookie)`
`104`	`93`	`{`
`105`	`94`	`return is_array($cookie)`
`106`	`95`	`? $this->decryptArray($cookie)`
`107`		`- : $this->encrypter->decrypt($cookie, $this->serialization[$name] ?? true);`
	`96`	`+ : $this->encrypter->decrypt($cookie, false);`
`108`	`97`	`}`
`109`	`98`
`110`	`99`	`/**`
`@@ -119,7 +108,7 @@ protected function decryptArray(array $cookie)`
`119`	`108`
`120`	`109`	`foreach ($cookie as $key => $value) {`
`121`	`110`	`if (is_string($value)) {`
`122`		`- $decrypted[$key] = $this->encrypter->decrypt($value, $this->serialization[$key] ?? true);`
	`111`	`+ $decrypted[$key] = $this->encrypter->decrypt($value, false);`
`123`	`112`	`}`
`124`	`113`	`}`
`125`	`114`
`@@ -139,10 +128,8 @@ protected function encrypt(Response $response)`
`139`	`128`	`continue;`
`140`	`129`	`}`
`141`	`130`
`142`		`- $serialize = $this->serialization[$cookie->getName()] ?? true;`
`143`		`-`
`144`	`131`	`$response->headers->setCookie($this->duplicate(`
`145`		`- $cookie, $this->encrypter->encrypt($cookie->getValue(), $serialize)`
	`132`	`+ $cookie, $this->encrypter->encrypt($cookie->getValue(), false)`
`146`	`133`	`));`
`147`	`134`	`}`
`148`	`135`