Skip to content
This repository
Browse code

Avoid Rack security warning no secret provided

This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
  • Loading branch information...
commit 4d5f950ee381b571efa2b6f1dffc4a3f0b1f60a7 1 parent f1e977c
Santiago Pastorino spastorino authored
2  actionpack/lib/action_dispatch/middleware/session/abstract_store.rb
@@ -25,6 +25,8 @@ def destroy
25 25 module Compatibility
26 26 def initialize(app, options = {})
27 27 options[:key] ||= '_session_id'
  28 + # FIXME Rack's secret is not being used
  29 + options[:secret] ||= SecureRandom.hex(30)
28 30 super
29 31 end
30 32

0 comments on commit 4d5f950

Please sign in to comment.
Something went wrong with that request. Please try again.