diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
index f5957301c620c..bd6dd5dbe3531 100644
--- a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
+++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb
@@ -27,7 +27,7 @@ module Session
# Rails.application.config.session_store :cookie_store, key: '_your_app_session'
#
# In the development and test environments your application's +secret_key_base+ is
- # generated by Rails and stored in a temporary file in tmp/development_secret.txt.
+ # generated by Rails and stored in a temporary file in tmp/local_secret.txt.
# In all other environments, it is stored encrypted in the
# config/credentials.yml.enc file.
#
diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 6dab174e250bd..4d1e32377a15f 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@@ -458,7 +458,7 @@ def secrets
# including the ones that sign and encrypt cookies.
#
# In development and test, this is randomly generated and stored in a
- # temporary file in tmp/development_secret.txt.
+ # temporary file in tmp/local_secret.txt.
#
# You can also set ENV["SECRET_KEY_BASE_DUMMY"] to trigger the use of a randomly generated
# secret_key_base that's stored in a temporary file. This is useful when precompiling assets for
@@ -471,7 +471,7 @@ def secrets
# the correct place to store it is in the encrypted credentials file.
def secret_key_base
if Rails.env.local? || ENV["SECRET_KEY_BASE_DUMMY"]
- config.secret_key_base ||= generate_development_secret
+ config.secret_key_base ||= generate_local_secret
else
validate_secret_key_base(
ENV["SECRET_KEY_BASE"] || credentials.secret_key_base || secrets.secret_key_base
@@ -645,9 +645,9 @@ def ensure_generator_templates_added
end
private
- def generate_development_secret
+ def generate_local_secret
if config.secret_key_base.nil?
- key_file = Rails.root.join("tmp/development_secret.txt")
+ key_file = Rails.root.join("tmp/local_secret.txt")
if File.exist?(key_file)
config.secret_key_base = File.binread(key_file)
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index a7eccf4edad99..a862b407666bb 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -733,7 +733,21 @@ def index
app "development"
assert_not_nil app.secret_key_base
- assert File.exist?(app_path("tmp/development_secret.txt"))
+ assert File.exist?(app_path("tmp/local_secret.txt"))
+ end
+
+ test "application will generate secret_key_base in tmp file if blank in test" do
+ app_file "config/initializers/secret_token.rb", <<-RUBY
+ Rails.application.credentials.secret_key_base = nil
+ RUBY
+
+ # For test that works even if tmp dir does not exist.
+ Dir.chdir(app_path) { FileUtils.remove_dir("tmp") }
+
+ app "test"
+
+ assert_not_nil app.secret_key_base
+ assert File.exist?(app_path("tmp/local_secret.txt"))
end
test "application will not generate secret_key_base in tmp file if blank in production" do