Restore cookie store httponly default to true. Remove extraneous dup of options on initialization [#1784 state:resolved]

Signed-off-by: Joshua Peek <josh@joshpeek.com>
author: Cody Fauser <codyfauser@gmail.com> 2009-01-20 11:50:43 -0600
committer: Joshua Peek <josh@joshpeek.com> 2009-01-20 11:50:43 -0600
commit: c090e5e0755bea3a7cd7135329f8dae6094810b6 (patch)
tree: 82c49d137f7553f3fd069966192f0a0c8daa0a3a /actionpack/lib
parent: 9cefd5ea0c21595d73762b5d60a760a3ed9fe8bf (diff)
download: rails-c090e5e0755bea3a7cd7135329f8dae6094810b6.tar.gz
rails-c090e5e0755bea3a7cd7135329f8dae6094810b6.tar.bz2
rails-c090e5e0755bea3a7cd7135329f8dae6094810b6.zip
1 files changed, 1 insertions, 3 deletions
diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb
index e061c4d4a1..6ad6369950 100644
--- a/actionpack/lib/action_controller/session/cookie_store.rb
+++ b/actionpack/lib/action_controller/session/cookie_store.rb
@@ -45,7 +45,7 @@ module ActionController
         :domain       => nil,
         :path         => "/",
         :expire_after => nil,
-        :httponly     => false
+        :httponly     => true
       }.freeze
 
       ENV_SESSION_KEY = "rack.session".freeze
@@ -56,8 +56,6 @@ module ActionController
       class CookieOverflow < StandardError; end
 
       def initialize(app, options = {})
-        options = options.dup
-
         # Process legacy CGI options
         options = options.symbolize_keys
         if options.has_key?(:session_path)
author	Cody Fauser <codyfauser@gmail.com>	2009-01-20 11:50:43 -0600
committer	Joshua Peek <josh@joshpeek.com>	2009-01-20 11:50:43 -0600
commit	c090e5e0755bea3a7cd7135329f8dae6094810b6 (patch)
tree	82c49d137f7553f3fd069966192f0a0c8daa0a3a /actionpack/lib
parent	9cefd5ea0c21595d73762b5d60a760a3ed9fe8bf (diff)
download	rails-c090e5e0755bea3a7cd7135329f8dae6094810b6.tar.gz rails-c090e5e0755bea3a7cd7135329f8dae6094810b6.tar.bz2 rails-c090e5e0755bea3a7cd7135329f8dae6094810b6.zip