Added support for http_only cookies in cookie_store Added unit tests for secure and http_only cookies in cookie_store

Signed-off-by: Michael Koziarski <michael@koziarski.com> [#1046 state:committed]
author: Pelle Braendgaard <pelleb@gmail.com> 2008-09-16 09:22:11 -0700
committer: Michael Koziarski <michael@koziarski.com> 2008-09-17 13:20:16 +0200
commit: 7ecb9689b03335ec28958c506b083390f4212d45 (patch)
tree: e359e86f989b0c9a27f9bafba68c5ba6cd9f01bc /actionpack/lib/action_controller/cgi_process.rb
parent: c47525a58397851895b25f7c1bba06b30b0f6b5d (diff)
download: rails-7ecb9689b03335ec28958c506b083390f4212d45.tar.gz
rails-7ecb9689b03335ec28958c506b083390f4212d45.tar.bz2
rails-7ecb9689b03335ec28958c506b083390f4212d45.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/cgi_process.rb b/actionpack/lib/action_controller/cgi_process.rb
index d381af1b84..fabacd9b83 100644
--- a/actionpack/lib/action_controller/cgi_process.rb
+++ b/actionpack/lib/action_controller/cgi_process.rb
@@ -42,7 +42,8 @@ module ActionController #:nodoc:
       :prefix           => "ruby_sess.",    # prefix session file names
       :session_path     => "/",             # available to all paths in app
       :session_key      => "_session_id",
-      :cookie_only      => true
+      :cookie_only      => true,
+      :session_http_only=> true
     }
 
     def initialize(cgi, session_options = {})
author	Pelle Braendgaard <pelleb@gmail.com>	2008-09-16 09:22:11 -0700
committer	Michael Koziarski <michael@koziarski.com>	2008-09-17 13:20:16 +0200
commit	7ecb9689b03335ec28958c506b083390f4212d45 (patch)
tree	e359e86f989b0c9a27f9bafba68c5ba6cd9f01bc /actionpack/lib/action_controller/cgi_process.rb
parent	c47525a58397851895b25f7c1bba06b30b0f6b5d (diff)
download	rails-7ecb9689b03335ec28958c506b083390f4212d45.tar.gz rails-7ecb9689b03335ec28958c506b083390f4212d45.tar.bz2 rails-7ecb9689b03335ec28958c506b083390f4212d45.zip