Forced encoding for deterministic encryption and other improvements by jorgemanr...
source link: https://github.com/rails/rails/pull/42491
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
This includes two improvements and one bugfix for Active Record Encryption:
Add new option to force encoding for attributes encrypted deterministically
Active Record stores the desired encoding as a header in the encrypted message. This means that the same value with different encodings can result in different ciphertexts. This can result in bugs where uniqueness constraints or queries fail.
This adds a new option forced_encoding_for_deterministic_encryption that is Encoding::UTF_8 by default. It can be disabled by setting it to nil.
Add support for exists? when querying encrypted attributes
This adds support for exists?(...) queries, so that their arguments are augmented with encryption concerns (e.g: including previous encryption schemes, including clean texts if configured.)
EncryptedBook.exists?(name: "Dune")
Fix: re-encrypting was losing the case when using ignore_case: true
Re-encrypting attributes with ignore_case: true was downcasing the values and losing the previous case.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK