diff options
| author | Ryan Bigg <radarlistener@gmail.com> | 2008-10-01 21:38:16 +0930 |
|---|---|---|
| committer | Ryan Bigg <radarlistener@gmail.com> | 2008-10-01 21:38:16 +0930 |
| commit | dbbd757edd896947e33fdf18ba870b8df5974d62 (patch) | |
| tree | cc0428bee430a18200925acb830f3dc3946e31de /actionpack/lib/action_controller/session_management.rb | |
| parent | 6aca4458e3a1712a4a675ee7bf2cd35701ff75c9 (diff) | |
| parent | 8292c7dfce4b893588860053e50ef60ae9a0609a (diff) | |
| download | rails-dbbd757edd896947e33fdf18ba870b8df5974d62.tar.gz rails-dbbd757edd896947e33fdf18ba870b8df5974d62.tar.bz2 rails-dbbd757edd896947e33fdf18ba870b8df5974d62.zip | |
Merge branch 'master' of git@github.com:lifo/docrails
Diffstat (limited to 'actionpack/lib/action_controller/session_management.rb')
| -rw-r--r-- | actionpack/lib/action_controller/session_management.rb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/actionpack/lib/action_controller/session_management.rb b/actionpack/lib/action_controller/session_management.rb index f5a1155a46..fd3d94ed97 100644 --- a/actionpack/lib/action_controller/session_management.rb +++ b/actionpack/lib/action_controller/session_management.rb @@ -60,6 +60,10 @@ module ActionController #:nodoc: # # the session will only work over HTTPS, but only for the foo action # session :only => :foo, :session_secure => true # + # # the session by default uses HttpOnly sessions for security reasons. + # # this can be switched off. + # session :only => :foo, :session_http_only => false + # # # the session will only be disabled for 'foo', and only if it is # # requested as a web service # session :off, :only => :foo, |