diff options
| author | Rafael Mendonça França <rafael.franca@plataformatec.com.br> | 2014-11-10 21:22:11 -0200 |
|---|---|---|
| committer | Rafael Mendonça França <rafael.franca@plataformatec.com.br> | 2014-11-10 21:22:11 -0200 |
| commit | 99dccf1aae31520b701fc37e62542db1e6c0994f (patch) | |
| tree | 8150e2fcc49c7b1a778164aaf71fe584b0136fa1 /actionpack/lib | |
| parent | 0ed6ebcf9095c65330d3950cfb6b75ba7ea78853 (diff) | |
| parent | bda93b2bb272c34e46a5454d4658a0139b135e93 (diff) | |
| download | rails-99dccf1aae31520b701fc37e62542db1e6c0994f.tar.gz rails-99dccf1aae31520b701fc37e62542db1e6c0994f.tar.bz2 rails-99dccf1aae31520b701fc37e62542db1e6c0994f.zip | |
Merge branch 'rm-fix-secret-token-fallback'
Diffstat (limited to 'actionpack/lib')
| -rw-r--r-- | actionpack/lib/action_dispatch/middleware/cookies.rb | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 83ac62a83d..9037bf0e0a 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -120,7 +120,7 @@ module ActionDispatch # the cookie again. This is useful for creating cookies with values that the user is not supposed to change. If a signed # cookie was tampered with by the user (or a 3rd party), nil will be returned. # - # If +secrets.secret_key_base+ and +config.secret_token+ (deprecated) are both set, + # If +secrets.secret_key_base+ and +secrets.secret_token+ (deprecated) are both set, # legacy cookies signed with the old key generator will be transparently upgraded. # # This jar requires that you set a suitable secret for the verification on your app's +secrets.secret_key_base+. @@ -143,7 +143,7 @@ module ActionDispatch # Returns a jar that'll automatically encrypt cookie values before sending them to the client and will decrypt them for read. # If the cookie was tampered with by the user (or a 3rd party), nil will be returned. # - # If +secrets.secret_key_base+ and +config.secret_token+ (deprecated) are both set, + # If +secrets.secret_key_base+ and +secrets.secret_token+ (deprecated) are both set, # legacy cookies signed with the old key generator will be transparently upgraded. # # This jar requires that you set a suitable secret for the verification on your app's +secrets.secret_key_base+. @@ -479,7 +479,7 @@ module ActionDispatch end # UpgradeLegacySignedCookieJar is used instead of SignedCookieJar if - # config.secret_token and secrets.secret_key_base are both set. It reads + # secrets.secret_token and secrets.secret_key_base are both set. It reads # legacy cookies signed with the old dummy key generator and re-saves # them using the new key generator to provide a smooth upgrade path. class UpgradeLegacySignedCookieJar < SignedCookieJar #:nodoc: @@ -537,7 +537,7 @@ module ActionDispatch end # UpgradeLegacyEncryptedCookieJar is used by ActionDispatch::Session::CookieStore - # instead of EncryptedCookieJar if config.secret_token and secrets.secret_key_base + # instead of EncryptedCookieJar if secrets.secret_token and secrets.secret_key_base # are both set. It reads legacy cookies signed with the old dummy key generator and # encrypts and re-saves them using the new key generator to provide a smooth upgrade path. class UpgradeLegacyEncryptedCookieJar < EncryptedCookieJar #:nodoc: |