Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Avoid Rack security warning no secret provided

This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
  • Loading branch information...
commit 4d5f950ee381b571efa2b6f1dffc4a3f0b1f60a7 1 parent f1e977c
@spastorino spastorino authored
View
2  actionpack/lib/action_dispatch/middleware/session/abstract_store.rb
@@ -25,6 +25,8 @@ def destroy
module Compatibility
def initialize(app, options = {})
options[:key] ||= '_session_id'
+ # FIXME Rack's secret is not being used
+ options[:secret] ||= SecureRandom.hex(30)
super
end

0 comments on commit 4d5f950

Please sign in to comment.
Something went wrong with that request. Please try again.