Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Use :key instead of old :session_key in session_store.rb generator an…

…d docs [#1746 state:resovled]

Signed-off-by: Joshua Peek <josh@joshpeek.com>
  • Loading branch information...
commit d3107ce3b04a14bd5674da6812acbff30aedaf73 1 parent b6a94fc
Cody Fauser authored josh committed
View
6 actionpack/lib/action_controller/session/cookie_store.rb
@@ -163,9 +163,9 @@ def unmarshal(cookie)
def ensure_session_key(key)
if key.blank?
- raise ArgumentError, 'A session_key is required to write a ' +
+ raise ArgumentError, 'A key is required to write a ' +
'cookie containing the session data. Use ' +
- 'config.action_controller.session = { :session_key => ' +
+ 'config.action_controller.session = { :key => ' +
'"_myapp_session", :secret => "some secret phrase" } in ' +
'config/environment.rb'
end
@@ -181,7 +181,7 @@ def ensure_secret_secure(secret)
if secret.blank?
raise ArgumentError, "A secret is required to generate an " +
"integrity hash for cookie session data. Use " +
- "config.action_controller.session = { :session_key => " +
+ "config.action_controller.session = { :key => " +
"\"_myapp_session\", :secret => \"some secret phrase of at " +
"least #{SECRET_MIN_LENGTH} characters\" } " +
"in config/environment.rb"
View
2  railties/configs/initializers/session_store.rb
@@ -5,7 +5,7 @@
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
ActionController::Base.session = {
- :session_key => '_<%= app_name %>_session',
+ :key => '_<%= app_name %>_session',
:secret => '<%= app_secret %>'
}
View
2  railties/doc/guides/source/security.txt
@@ -93,7 +93,7 @@ That means the security of this storage depends on this secret (and of the diges
....................................
config.action_controller.session = {
- :session_key => ‘_app_session’,
+ :key => ‘_app_session’,
:secret => ‘0x0dkfj3927dkc7djdh36rkckdfzsg...’
}
....................................

0 comments on commit d3107ce

Please sign in to comment.
Something went wrong with that request. Please try again.