aboutsummaryrefslogtreecommitdiffstats
path: root/config/initializers/session_store.rb
diff options
context:
space:
mode:
Diffstat (limited to 'config/initializers/session_store.rb')
-rw-r--r--config/initializers/session_store.rb10
1 files changed, 5 insertions, 5 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 7e1f190..0f87762 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -3,9 +3,9 @@
# Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information
# (create the session table with "rails generate session_migration")
-BetaWebApp::Application.config.session_store :active_record_store
+# BetaWebApp::Application.config.session_store :active_record_store
-# Make the data and session_id columns mass-assignable,
-# hopefully fends off nasty session bugs,
-# source: https://github.com/rails/activerecord-session_store/issues/6#issuecomment-26214581
-ActiveRecord::SessionStore::Session.attr_accessible :data, :session_id
+
+# Temporarily revert to cookie based sessions
+# Cookie is signed, but not encrypted in Rails 3.x
+BetaWebApp::Application.config.session_store :cookie_store