Skip to content
Browse files

Merge pull request #11261 from ryan-endacott/fixguide

Removed redundant upgrade docs on new cookies.
  • Loading branch information...
2 parents 8b5439c + 746b7dd commit a9a40b5f9ffcf0489a5cf85e92546579299fb98e @senny senny committed Jul 4, 2013
Showing with 0 additions and 10 deletions.
  1. +0 −10 guides/source/upgrading_ruby_on_rails.md
View
10 guides/source/upgrading_ruby_on_rails.md
@@ -194,16 +194,6 @@ If you are relying on the ability for external applications or Javascript to be
* Rails 4.0 encrypts the contents of cookie-based sessions if `secret_key_base` has been set. Rails 3.x signed, but did not encrypt, the contents of cookie-based session. Signed cookies are "secure" in that they are verified to have been generated by your app and are tamper-proof. However, the contents can be viewed by end users, and encrypting the contents eliminates this caveat/concern without a significant performance penalty.
-As described above, existing signed cookies generated with Rails 3.x will be transparently upgraded if you leave your existing `secret_token` in place and add the new `secret_key_base`.
-
-```ruby
- # config/initializers/secret_token.rb
- Myapp::Application.config.secret_token = 'existing secret token'
- Myapp::Application.config.secret_key_base = 'new secret key base'
-```
-
-The same caveats apply here, too. You should wait to set `secret_key_base` until you have 100% of your userbase on Rails 4.x and are reasonably sure you will not need to rollback to Rails 3.x. You should also take care to make sure you are not relying on the ability to decode signed cookies generated by your app in external applications or Javascript before upgrading.
-
Please read [Pull Request #9978](https://github.com/rails/rails/pull/9978) for details on the move to encrypted session cookies.
* Rails 4.0 removed the `ActionController::Base.asset_path` option. Use the assets pipeline feature.

0 comments on commit a9a40b5

Please sign in to comment.
Something went wrong with that request. Please try again.