-
Notifications
You must be signed in to change notification settings - Fork 21.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ci skip] Clarity about embed metadata in signed and encrypted cookie #36245
Conversation
@@ -85,7 +85,7 @@ Rails 6.1. You are encouraged to enable `config.force_ssl` to enforce HTTPS | |||
connections throughout your application. If you need to exempt certain endpoints | |||
from redirection, you can use `config.ssl_options` to configure that behavior. | |||
|
|||
### Purpose in signed or encrypted cookie is now embedded within cookies | |||
### Purpose metadata in signed or encrypted cookie is now embedded within cookies |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The existing sentence is actually correct, though incomplete, the proposed change makes it sound even more wrong.
This should be:
Purpose and expiry metadata is now embedded inside signed and encrypted cookies for increased security.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that's actually correct.
|
||
To improve security, Rails embeds the purpose information in encrypted or signed cookies value. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This sentence seemed basically repeating the same thing as the new sub-heading.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lets retain this to maintain the flow of sentences below
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@vipulnsward Retained this sentence with some modifications made to it for consistency.
@vipulnsward Done. |
purpose
is not a known entity,purpose metadata
is.