diff options
| author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2019-01-16 20:12:40 -0500 |
|---|---|---|
| committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2019-01-17 16:08:34 -0500 |
| commit | 1a6a3e06ed7242d9a4ed66e9c3d77035bf1362a1 (patch) | |
| tree | 040abfe7591fd0290655d85e6ddd503cb0744688 /actionpack/lib/action_dispatch/middleware/session/cookie_store.rb | |
| parent | 46ac5fe69a20d4539a15929fe48293e1809a26b0 (diff) | |
| download | rails-1a6a3e06ed7242d9a4ed66e9c3d77035bf1362a1.tar.gz rails-1a6a3e06ed7242d9a4ed66e9c3d77035bf1362a1.tar.bz2 rails-1a6a3e06ed7242d9a4ed66e9c3d77035bf1362a1.zip | |
Remove secret_token rack env and cookie upgrade code
Now that secret_token was removed all this code is now dead.
Diffstat (limited to 'actionpack/lib/action_dispatch/middleware/session/cookie_store.rb')
| -rw-r--r-- | actionpack/lib/action_dispatch/middleware/session/cookie_store.rb | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb index df680c1c5f..02ccfbc81a 100644 --- a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb +++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb @@ -16,11 +16,6 @@ module ActionDispatch # The cookie jar used for storage is automatically configured to be the # best possible option given your application's configuration. # - # If you only have secret_token set, your cookies will be signed, but - # not encrypted. This means a user cannot alter their +user_id+ without - # knowing your app's secret key, but can easily read their +user_id+. This - # was the default for Rails 3 apps. - # # Your cookies will be encrypted using your apps secret_key_base. This # goes a step further than signed cookies in that encrypted cookies cannot # be altered or read by users. This is the default starting in Rails 4. |