Use urlsafe base64 decode

2026-02-21 04:00:34 +09:00 · 2025-12-02 11:34:12 +01:00
parent bebe518c74
commit 4d04f9beee
2 changed files with 2 additions and 2 deletions
--- a/lib/rails_ext/action_text_attachables.rb
+++ b/lib/rails_ext/action_text_attachables.rb
@@ -20,7 +20,7 @@ ActiveSupport.on_load(:action_text_content) do
              # Rails 7 used an older format of GID that serialized the payload using Marshall
              # Since we intentionally skip signature verification, we can't safely unmarshal the data
              # To work around this, we manually extract the GID from the marshaled data
-              Base64.strict_decode64(data).match(%r{(gid://campfire/[^/]+/\d+)})&.to_s
+              Base64.urlsafe_decode64(data).match(%r{(gid://campfire/[^/]+/\d+)})&.to_s
            else
              nil
            end
--- a/test/lib/rails_ext/action_text_attachables_test.rb
+++ b/test/lib/rails_ext/action_text_attachables_test.rb
@@ -15,7 +15,7 @@ class ActionText::AttachmentTest < ActiveSupport::TestCase

  test "from_node with a Rails 7 SGID" do
    gid = @user.to_gid.to_s
-    marshaled_gid = Base64.strict_encode64(Marshal.dump(gid))
+    marshaled_gid = Base64.urlsafe_encode64(Marshal.dump(gid))
    rails7_payload = { "_rails" => { "message" => marshaled_gid, "exp" => nil, "pur" => "attachable" } }
    rails7_message = Base64.strict_encode64(JSON.generate(rails7_payload))
    rails7_sgid = "#{rails7_message}--invalidsignature"