GitHub Sale: sign up for any paid plan this week and pay nothing until January 1, 2009!  [ hide ]

auser / merb-core fork watch download tarball
public
Fork of wycats/merb-core
Description: Merb Core: All you need. None you don't.
Homepage: http://www.merbivore.com
Clone URL: git://github.com/auser/merb-core.git 
Install gem with --local so it won't poll remote servers for updates 
during install
lsegal (author)
Mon Mar 03 20:00:18 -0800 2008
commit  6793ef9897e5ee6c11f0d29b743dbc9989fa722c
tree    5db13f555e13fdff3c7d0da6b613261f3b6a6b93
parent  f23889f34b791e7e2c0c1ec14be47f7577999d20
merb-core / CONFIG
100644 11 lines (11 sloc) 0.68 kb
raw blame history 
1
2
3
4
5
6
7
8
9
10
11

==== Configuration options
:session_id_cookie_only<Boolean>::
  If true, sessions may be passed only through cookies. If false, they may also
  be passed through the session_id_key query param. This might be necessary for
  flash uploaders, which do not pass cookies with file uploads. This can be
  used in conjunction with :query_string_whitelist.
:query_string_whitelist<Array[String]>::
  A list of "controller/action" URLs that should allow session IDs to be passed
  through the query string even if :session_id_cookie_only is set to true. We
  recommend using session.regenerate after any controller making use of this
  in case someone is trying a session fixation attack.