diff options
| -rw-r--r-- | config/initializers/session_store.rb | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index 7e1f190..0f87762 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -3,9 +3,9 @@ # Use the database for sessions instead of the cookie-based default, # which shouldn't be used to store highly confidential information # (create the session table with "rails generate session_migration") -BetaWebApp::Application.config.session_store :active_record_store +# BetaWebApp::Application.config.session_store :active_record_store -# Make the data and session_id columns mass-assignable, -# hopefully fends off nasty session bugs, -# source: https://github.com/rails/activerecord-session_store/issues/6#issuecomment-26214581 -ActiveRecord::SessionStore::Session.attr_accessible :data, :session_id + +# Temporarily revert to cookie based sessions +# Cookie is signed, but not encrypted in Rails 3.x +BetaWebApp::Application.config.session_store :cookie_store |