diff options
author | rick <technoweenie@gmail.com> | 2008-09-20 13:00:20 -0700 |
---|---|---|
committer | rick <technoweenie@gmail.com> | 2008-09-20 13:00:20 -0700 |
commit | 22e830f883af0b56de81186c184751b6398d0141 (patch) | |
tree | 0de20fad9f3a7ce2e49d660d1243b5b02a32e290 /actionpack/lib/action_controller/session_management.rb | |
parent | 0aef9d1a2651fa0acd2adcd2de308eeb0ec8cdd2 (diff) | |
parent | a3b7fa78bfdc33e45e39c095b67e02d50a2c7bea (diff) | |
download | rails-22e830f883af0b56de81186c184751b6398d0141.tar.gz rails-22e830f883af0b56de81186c184751b6398d0141.tar.bz2 rails-22e830f883af0b56de81186c184751b6398d0141.zip |
Merge branch 'master' of git@github.com:rails/rails
Diffstat (limited to 'actionpack/lib/action_controller/session_management.rb')
-rw-r--r-- | actionpack/lib/action_controller/session_management.rb | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/actionpack/lib/action_controller/session_management.rb b/actionpack/lib/action_controller/session_management.rb index 80a3ddd2c5..fd3d94ed97 100644 --- a/actionpack/lib/action_controller/session_management.rb +++ b/actionpack/lib/action_controller/session_management.rb @@ -60,6 +60,10 @@ module ActionController #:nodoc: # # the session will only work over HTTPS, but only for the foo action # session :only => :foo, :session_secure => true # + # # the session by default uses HttpOnly sessions for security reasons. + # # this can be switched off. + # session :only => :foo, :session_http_only => false + # # # the session will only be disabled for 'foo', and only if it is # # requested as a web service # session :off, :only => :foo, @@ -86,14 +90,14 @@ module ActionController #:nodoc: raise ArgumentError, "only one of either :only or :except are allowed" end - write_inheritable_array("session_options", [options]) + write_inheritable_array(:session_options, [options]) end # So we can declare session options in the Rails initializer. alias_method :session=, :session def cached_session_options #:nodoc: - @session_options ||= read_inheritable_attribute("session_options") || [] + @session_options ||= read_inheritable_attribute(:session_options) || [] end def session_options_for(request, action) #:nodoc: |