diff options
| author | Cody Fauser <codyfauser@gmail.com> | 2009-01-13 14:27:23 -0600 |
|---|---|---|
| committer | Joshua Peek <josh@joshpeek.com> | 2009-01-13 14:27:23 -0600 |
| commit | d3107ce3b04a14bd5674da6812acbff30aedaf73 (patch) | |
| tree | 28ab854f0426bf9d28c6b7f8d475e5185a78e8c7 | |
| parent | b6a94fc1c611216c6d1001bb6044973b01dbba38 (diff) | |
| download | rails-d3107ce3b04a14bd5674da6812acbff30aedaf73.tar.gz rails-d3107ce3b04a14bd5674da6812acbff30aedaf73.tar.bz2 rails-d3107ce3b04a14bd5674da6812acbff30aedaf73.zip | |
Use :key instead of old :session_key in session_store.rb generator and docs [#1746 state:resovled]
Signed-off-by: Joshua Peek <josh@joshpeek.com>
| -rw-r--r-- | actionpack/lib/action_controller/session/cookie_store.rb | 6 | ||||
| -rw-r--r-- | railties/configs/initializers/session_store.rb | 2 | ||||
| -rw-r--r-- | railties/doc/guides/source/security.txt | 2 |
3 files changed, 5 insertions, 5 deletions
diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb index 135bedaf50..e061c4d4a1 100644 --- a/actionpack/lib/action_controller/session/cookie_store.rb +++ b/actionpack/lib/action_controller/session/cookie_store.rb @@ -163,9 +163,9 @@ module ActionController def ensure_session_key(key) if key.blank? - raise ArgumentError, 'A session_key is required to write a ' + + raise ArgumentError, 'A key is required to write a ' + 'cookie containing the session data. Use ' + - 'config.action_controller.session = { :session_key => ' + + 'config.action_controller.session = { :key => ' + '"_myapp_session", :secret => "some secret phrase" } in ' + 'config/environment.rb' end @@ -181,7 +181,7 @@ module ActionController if secret.blank? raise ArgumentError, "A secret is required to generate an " + "integrity hash for cookie session data. Use " + - "config.action_controller.session = { :session_key => " + + "config.action_controller.session = { :key => " + "\"_myapp_session\", :secret => \"some secret phrase of at " + "least #{SECRET_MIN_LENGTH} characters\" } " + "in config/environment.rb" diff --git a/railties/configs/initializers/session_store.rb b/railties/configs/initializers/session_store.rb index 40179e0aa3..4499ab84b6 100644 --- a/railties/configs/initializers/session_store.rb +++ b/railties/configs/initializers/session_store.rb @@ -5,7 +5,7 @@ # Make sure the secret is at least 30 characters and all random, # no regular words or you'll be exposed to dictionary attacks. ActionController::Base.session = { - :session_key => '_<%= app_name %>_session', + :key => '_<%= app_name %>_session', :secret => '<%= app_secret %>' } diff --git a/railties/doc/guides/source/security.txt b/railties/doc/guides/source/security.txt index 9b3f47932e..b4e8bb4b41 100644 --- a/railties/doc/guides/source/security.txt +++ b/railties/doc/guides/source/security.txt @@ -93,7 +93,7 @@ That means the security of this storage depends on this secret (and of the diges .................................... config.action_controller.session = { - :session_key => ‘_app_session’, + :key => ‘_app_session’, :secret => ‘0x0dkfj3927dkc7djdh36rkckdfzsg...’ } .................................... |