diff options
| author |  dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 2024-03-25 11:00:36 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2024-03-25 11:00:36 +0000 |
| commit | 29031d1e274360f5fe8c53e56d1b0ae71628795f (patch) | |
| tree | 54149ea2a80e863349e3cd8c02e6a6d1b3fcfe3f /vendor/github.com/gorilla/sessions/store.go | |
| parent | [chore]: Bump github.com/coreos/go-oidc/v3 from 3.9.0 to 3.10.0 (#2779) (diff) | |
| download | gotosocial-29031d1e274360f5fe8c53e56d1b0ae71628795f.tar.xz | |
[chore]: Bump github.com/gin-contrib/sessions from 0.0.5 to 1.0.0 (#2782)
Diffstat (limited to 'vendor/github.com/gorilla/sessions/store.go')
| -rw-r--r-- | vendor/github.com/gorilla/sessions/store.go | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/vendor/github.com/gorilla/sessions/store.go b/vendor/github.com/gorilla/sessions/store.go index bb7f9647d..aea37e4b5 100644 --- a/vendor/github.com/gorilla/sessions/store.go +++ b/vendor/github.com/gorilla/sessions/store.go @@ -6,11 +6,9 @@ package sessions import ( "encoding/base32" - "io/ioutil" "net/http" "os" "path/filepath" - "strings" "sync" "github.com/gorilla/securecookie" @@ -201,6 +199,8 @@ func (s *FilesystemStore) New(r *http.Request, name string) (*Session, error) { return session, err } +var base32RawStdEncoding = base32.StdEncoding.WithPadding(base32.NoPadding) + // Save adds a single session to the response. // // If the Options.MaxAge of the session is <= 0 then the session file will be @@ -211,7 +211,7 @@ func (s *FilesystemStore) Save(r *http.Request, w http.ResponseWriter, session *Session) error { // Delete if max-age is <= 0 if session.Options.MaxAge <= 0 { - if err := s.erase(session); err != nil { + if err := s.erase(session); err != nil && !os.IsNotExist(err) { return err } http.SetCookie(w, NewCookie(session.Name(), "", session.Options)) @@ -221,9 +221,8 @@ func (s *FilesystemStore) Save(r *http.Request, w http.ResponseWriter, if session.ID == "" { // Because the ID is used in the filename, encode it to // use alphanumeric characters only. - session.ID = strings.TrimRight( - base32.StdEncoding.EncodeToString( - securecookie.GenerateRandomKey(32)), "=") + session.ID = base32RawStdEncoding.EncodeToString( + securecookie.GenerateRandomKey(32)) } if err := s.save(session); err != nil { return err @@ -261,7 +260,7 @@ func (s *FilesystemStore) save(session *Session) error { filename := filepath.Join(s.path, "session_"+session.ID) fileMutex.Lock() defer fileMutex.Unlock() - return ioutil.WriteFile(filename, []byte(encoded), 0600) + return os.WriteFile(filename, []byte(encoded), 0600) } // load reads a file and decodes its content into session.Values. @@ -269,7 +268,7 @@ func (s *FilesystemStore) load(session *Session) error { filename := filepath.Join(s.path, "session_"+session.ID) fileMutex.RLock() defer fileMutex.RUnlock() - fdata, err := ioutil.ReadFile(filename) + fdata, err := os.ReadFile(filepath.Clean(filename)) if err != nil { return err } |