Skip to content

Commit

Permalink
Merge pull request #25730 from prathamesh-sonpatki/rm-cookie-only
Browse files Browse the repository at this point in the history 
No need to set `cookie_only` option from Rails
  • Loading branch information
@rafaelfranca
rafaelfranca committed Jul 7, 2016
2 parents 267c53a + 193ad87 commit 24f04b6
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 1 deletion.
2 changes: 1 addition & 1 deletion actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ module Session
# <tt>:httponly</tt>.
class CookieStore < AbstractStore
def initialize(app, options={})
super(app, options.merge!(:cookie_only => true))
super(app, options.merge!(cookie_only: true))
end

def delete_session(req, session_id, options)
Expand Down
6 changes: 6 additions & 0 deletions railties/test/application/middleware/session_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -373,5 +373,11 @@ def dump_flash

refute Rails.application.middleware.include?(ActionDispatch::Flash)
end

test "cookie_only is set to true even if user tries to overwrite it" do
add_to_config "config.session_store :cookie_store, key: '_myapp_session', cookie_only: false"
require "#{app_path}/config/environment"
assert app.config.session_options[:cookie_only], "Expected cookie_only to be set to true"
end
end
end

0 comments on commit 24f04b6

Please sign in to comment.