diff options
| author | Kasper Timm Hansen <kaspth@gmail.com> | 2017-09-24 19:02:12 +0200 |
|---|---|---|
| committer | Kasper Timm Hansen <kaspth@gmail.com> | 2017-09-24 19:02:12 +0200 |
| commit | 92afe55b179152a5747b70cc5d5375395581b70f (patch) | |
| tree | 14756a5a7db4f639690f53b75687f896bd885e66 | |
| parent | 36888b9387731394f0079fc855ab9ad61ba8dfe5 (diff) | |
| download | rails-92afe55b179152a5747b70cc5d5375395581b70f.tar.gz rails-92afe55b179152a5747b70cc5d5375395581b70f.tar.bz2 rails-92afe55b179152a5747b70cc5d5375395581b70f.zip | |
[ci skip] RotationConfiguration is an implementation detail, not public API.
| -rw-r--r-- | activesupport/lib/active_support/messages/rotation_configuration.rb | 2 | ||||
| -rw-r--r-- | guides/source/security.md | 11 |
2 files changed, 5 insertions, 8 deletions
diff --git a/activesupport/lib/active_support/messages/rotation_configuration.rb b/activesupport/lib/active_support/messages/rotation_configuration.rb index 12566bdb63..908658ff02 100644 --- a/activesupport/lib/active_support/messages/rotation_configuration.rb +++ b/activesupport/lib/active_support/messages/rotation_configuration.rb @@ -2,7 +2,7 @@ module ActiveSupport module Messages - class RotationConfiguration + class RotationConfiguration # :nodoc: attr_reader :signed, :encrypted def initialize diff --git a/guides/source/security.md b/guides/source/security.md index b0b71cad7d..994978b88b 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -161,12 +161,9 @@ It is also useful to rotate this value for other more benign reasons, such as an employee leaving your organization or changing hosting environments. -Key rotations can be defined through the -`config.action_dispatch.cookies_rotations` configuration value. This -value is set to an instance of -[RotationConfiguration](http://api.rubyonrails.org/classes/ActiveSupport/RotationConfiguration.html) -which provides an interface for rotating signed and encrypted cookie -keys, salts, digests, and ciphers. +Key rotations can be defined through +`config.action_dispatch.cookies_rotations` which provides an interface for +rotating signed and encrypted cookie keys, salts, digests, and ciphers. For example, suppose we want to rotate out an old `secret_key_base`, we can define a signed and encrypted key rotation as follows: @@ -185,7 +182,7 @@ config.action_dispatch.cookies_rotations.rotate :signed, Multiple rotations are possible by calling `rotate` multiple times. For example, suppose we want to use SHA512 for signed cookies while rotating -out SHA256 and SHA1 digests using the same `secret_key_base` +out SHA256 and SHA1 digests using the same `secret_key_base`: ```ruby config.action_dispatch.signed_cookie_digest = "SHA512" |