Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Inform people that were using the cookie store as default and a caveat

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7483 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
  • Loading branch information...
commit 2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3 1 parent 494d2c6
@dhh dhh authored
Showing with 2 additions and 1 deletion.
  1. +2 −1  railties/environments/environment.rb
View
3  railties/environments/environment.rb
@@ -33,7 +33,8 @@
:secret => '<%= app_secret %>'
}
- # Use the database for sessions instead of the file system
+ # Use the database for sessions instead of the cookie-based default,
+ # which shouldn't be used to store highly confidential information
# (create the session table with 'rake db:sessions:create')
# config.action_controller.session_store = :active_record_store
Please sign in to comment.
Something went wrong with that request. Please try again.