diff options
author | Harald Eilertsen <haraldei@anduin.net> | 2018-04-17 08:47:59 +0200 |
---|---|---|
committer | Harald Eilertsen <haraldei@anduin.net> | 2018-04-17 08:47:59 +0200 |
commit | cd9b8edfe23a9cc857767f54f753aeb950c95033 (patch) | |
tree | 30802b1ae2a8a33e892af1e3545730c84006a352 | |
parent | 07e9b02a36b12762210062afef15632b3a7564e2 (diff) | |
download | hmnoweb-cd9b8edfe23a9cc857767f54f753aeb950c95033.tar.gz hmnoweb-cd9b8edfe23a9cc857767f54f753aeb950c95033.tar.bz2 hmnoweb-cd9b8edfe23a9cc857767f54f753aeb950c95033.zip |
Temporarily revert back to cookie based sessions.
This also reverts the patch making data and session_id mass assignable
in the session database table. It had no effect.
-rw-r--r-- | config/initializers/session_store.rb | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index 7e1f190..0f87762 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -3,9 +3,9 @@ # Use the database for sessions instead of the cookie-based default, # which shouldn't be used to store highly confidential information # (create the session table with "rails generate session_migration") -BetaWebApp::Application.config.session_store :active_record_store +# BetaWebApp::Application.config.session_store :active_record_store -# Make the data and session_id columns mass-assignable, -# hopefully fends off nasty session bugs, -# source: https://github.com/rails/activerecord-session_store/issues/6#issuecomment-26214581 -ActiveRecord::SessionStore::Session.attr_accessible :data, :session_id + +# Temporarily revert to cookie based sessions +# Cookie is signed, but not encrypted in Rails 3.x +BetaWebApp::Application.config.session_store :cookie_store |