diff options
author | Santiago Pastorino <santiago@wyeworks.com> | 2012-11-02 00:43:24 -0200 |
---|---|---|
committer | Santiago Pastorino <santiago@wyeworks.com> | 2012-11-03 14:57:54 -0200 |
commit | d63783983f8c03d5c624938081615579dcc753f7 (patch) | |
tree | b42307bc74f5d2e5eaebc0a5e080ee9e94475288 | |
parent | 4faa0418453055bc81456685d418d486252cc379 (diff) | |
download | rails-d63783983f8c03d5c624938081615579dcc753f7.tar.gz rails-d63783983f8c03d5c624938081615579dcc753f7.tar.bz2 rails-d63783983f8c03d5c624938081615579dcc753f7.zip |
Disallow ability to use EncryptedCookieJar with DummyKeyGenerator
Developers must set config.secret_key_base in
config/initializers/secret_token.rb
-rw-r--r-- | actionpack/lib/action_dispatch/middleware/cookies.rb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 1090473797..7936dcb515 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -347,6 +347,11 @@ module ActionDispatch class EncryptedCookieJar < SignedCookieJar #:nodoc: def initialize(parent_jar, key_generator, options = {}) + if ActiveSupport::DummyKeyGenerator === key_generator + raise "Encrypted Cookies must be used in conjunction with config.secret_key_base." + + "Set config.secret_key_base in config/initializers/secret_token.rb" + end + @parent_jar = parent_jar @options = options secret = key_generator.generate_key(@options[:encrypted_cookie_salt]) |