diff options
author | Pratik Naik <pratiknaik@gmail.com> | 2008-09-27 14:04:46 +0100 |
---|---|---|
committer | Pratik Naik <pratiknaik@gmail.com> | 2008-09-27 14:04:46 +0100 |
commit | fda846cf5ddf523b00a39c26591489794b5de568 (patch) | |
tree | 00d4860d53e5c861fd9b3f483f04ff0d2db19307 /actionpack/lib/action_controller/session_management.rb | |
parent | df046298715b1927a832973c4c29955696fee02c (diff) | |
parent | ea609b265ffc30cac00bf09a262027f96964ed6f (diff) | |
download | rails-fda846cf5ddf523b00a39c26591489794b5de568.tar.gz rails-fda846cf5ddf523b00a39c26591489794b5de568.tar.bz2 rails-fda846cf5ddf523b00a39c26591489794b5de568.zip |
Merge commit 'mainstream/master'
Conflicts:
activerecord/lib/active_record/base.rb
railties/Rakefile
railties/doc/guides/activerecord/association_basics.txt
railties/doc/guides/debugging/debugging_rails_applications.txt
railties/doc/guides/getting_started_with_rails/getting_started_with_rails.txt
railties/doc/guides/index.txt
railties/doc/guides/migrations/foreign_keys.txt
railties/doc/guides/migrations/migrations.txt
railties/doc/guides/migrations/writing_a_migration.txt
railties/doc/guides/routing/routing_outside_in.txt
Diffstat (limited to 'actionpack/lib/action_controller/session_management.rb')
-rw-r--r-- | actionpack/lib/action_controller/session_management.rb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/actionpack/lib/action_controller/session_management.rb b/actionpack/lib/action_controller/session_management.rb index f5a1155a46..fd3d94ed97 100644 --- a/actionpack/lib/action_controller/session_management.rb +++ b/actionpack/lib/action_controller/session_management.rb @@ -60,6 +60,10 @@ module ActionController #:nodoc: # # the session will only work over HTTPS, but only for the foo action # session :only => :foo, :session_secure => true # + # # the session by default uses HttpOnly sessions for security reasons. + # # this can be switched off. + # session :only => :foo, :session_http_only => false + # # # the session will only be disabled for 'foo', and only if it is # # requested as a web service # session :off, :only => :foo, |