From b38397868ea18c7b003cdb49d1d41a8b20fc4991 Mon Sep 17 00:00:00 2001 From: Shannon Deminick Date: Sun, 12 May 2013 21:07:16 -1000 Subject: [PATCH] Fixes: #U4-2214 - encrypted cookie value issue when it is invalid --- src/Umbraco.Web/Security/WebSecurity.cs | 11 +++++++++-- src/umbraco.businesslogic/BasePages/BasePage.cs | 11 +++++++++-- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/src/Umbraco.Web/Security/WebSecurity.cs b/src/Umbraco.Web/Security/WebSecurity.cs index e7551ae2ea..972644ff49 100644 --- a/src/Umbraco.Web/Security/WebSecurity.cs +++ b/src/Umbraco.Web/Security/WebSecurity.cs @@ -379,9 +379,16 @@ namespace Umbraco.Web.Security return encTicket.DecryptWithMachineKey(); } } - catch (HttpException ex) + catch (Exception ex) { - // we swallow this type of exception as it happens if a legacy (pre 4.8.1) cookie is set + if (ex is ArgumentException || ex is FormatException || ex is HttpException) + { + StateHelper.Cookies.UserContext.Clear(); + } + else + { + throw; + } } } return ""; diff --git a/src/umbraco.businesslogic/BasePages/BasePage.cs b/src/umbraco.businesslogic/BasePages/BasePage.cs index 8e2eb59e97..e44a92c30b 100644 --- a/src/umbraco.businesslogic/BasePages/BasePage.cs +++ b/src/umbraco.businesslogic/BasePages/BasePage.cs @@ -267,9 +267,16 @@ namespace umbraco.BasePages return encTicket.DecryptWithMachineKey(); } } - catch (HttpException ex) + catch (Exception ex) { - // we swallow this type of exception as it happens if a legacy (pre 4.8.1) cookie is set + if (ex is ArgumentException || ex is FormatException || ex is HttpException) + { + StateHelper.Cookies.UserContext.Clear(); + } + else + { + throw; + } } } return "";