Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Inform people that were using the cookie store as default and a caveat

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7483 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
  • Loading branch information...
commit 2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3 1 parent 494d2c6
@dhh dhh authored
Showing with 2 additions and 1 deletion.
  1. +2 −1  railties/environments/environment.rb
View
3  railties/environments/environment.rb
@@ -33,7 +33,8 @@
:secret => '<%= app_secret %>'
}
- # Use the database for sessions instead of the file system
+ # Use the database for sessions instead of the cookie-based default,
+ # which shouldn't be used to store highly confidential information
# (create the session table with 'rake db:sessions:create')
# config.action_controller.session_store = :active_record_store
Please sign in to comment.
Something went wrong with that request. Please try again.