Rails 2.3.4 breaks if I set a cookie's value to a FixNum?

Hi all -

I just upgraded a project to 2.3.4
(a54f572d6f994615a2053c361728b65520a1cb53) and I get errors if I set a
cookie to a number like this:

cookies[‘foo’] = 123 # errors out on a call to CGI::escape(123)

private method gsub' called for 0:Fixnum /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/ 1.8/cgi.rb:342:inescape’
to_s' vendor/rails/actionpack/lib/action_controller/cgi_ext/cookie.rb:72:incollect’
to_s' vendor/rails/actionpack/lib/action_controller/cookies.rb:92:inset_cookie’
vendor/rails/actionpack/lib/action_controller/cookies.rb:73:in []=' app/controllers/application_controller.rb:33:inset_cookies’

Digging through the code the offending method is below.

diff --git a/vendor/rails/actionpack/lib/action_controller/cgi_ext/
cookie.rb b/vendor/rails/actionpack/lib/action_controller/cgi_ext/
index 009ddd1…a8cb771 100755
— a/vendor/rails/actionpack/lib/action_controller/cgi_ext/cookie.rb
+++ b/vendor/rails/actionpack/lib/action_controller/cgi_ext/cookie.rb
@@ -69,7 +69,7 @@ class CGI #:nodoc:
def to_s
buf = ‘’
buf << @name << ‘=’

  •  buf << (@value.kind_of?(String) ? CGI::escape(@value) :

@value.collect{|v| CGI::escape(v) }.join("&"))

  •  buf << (@value.kind_of?(String) ? CGI::escape(@value) :

@value.collect{|v| CGI::escape(v.to_s) }.join("&"))
buf << ‘; domain=’ << @domain if @domain
buf << ‘; path=’ << @path if @path
buf << ‘; expires=’ << CGI::rfc1123_date(@expires) if @expires

Couple of questions… CGI::escape’s source indicates it takes a
string and does zero checking before trying to call gsub on it. So
why isn’t this method calling to_s on the value? Is there a reason
I’m not thinking of that it shouldn’t do this?
Secondly, I tried to add a test to Rails to check this, but none of
the cookie tests seem to touch this section of the code. Which seems
odd to me and makes me wonder if I’m doing something wrong or if the
tests simply don’t trigger this. However, if I make this change in my
vendor/rails and hit my application it does get called. Any ideas
And lastly, is this worthy of a bug submission? Or was I living fast
and loose thinking I could assign pure numbers to my cookies?

Hrm. I think I’m losing it… that github commit isn’t 2.3.4, but
still the rest applies… I think. Heh.

All -

Sorry for the wasted bandwidth. Not sure what happened, but this
isn’t relevant.