aboutsummaryrefslogtreecommitdiffstats
path: root/activesupport/lib
diff options
context:
space:
mode:
authorClaudio B <claudiob@inventati.org>2017-08-07 20:32:03 -0700
committerDavid Heinemeier Hansson <david@loudthinking.com>2017-08-07 22:32:03 -0500
commitaf954ddd54e2b720d84bbf781600a4ef30b0c345 (patch)
tree03aceba16b2b108ce46f3ae4f1a0b4b631fbf6a6 /activesupport/lib
parent7c89948c416fbc32b59e33a0ab454545b4f6fed7 (diff)
downloadrails-af954ddd54e2b720d84bbf781600a4ef30b0c345.tar.gz
rails-af954ddd54e2b720d84bbf781600a4ef30b0c345.tar.bz2
rails-af954ddd54e2b720d84bbf781600a4ef30b0c345.zip
[ci skip] Prefer cookies.encrypted over signed (#30129)
In some examples and guides we are recommending to use code like: ```ruby verified_user = User.find_by(id: cookies.signed[:user_id]) ``` My suggestion is to use instead: ```ruby verified_user = User.find_by(id: cookies.encrypted[:user_id]) ``` which invites users to prefer the "newer" encrypted cookies over the "legacy" signed cookies.
Diffstat (limited to 'activesupport/lib')
-rw-r--r--activesupport/lib/active_support/current_attributes.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/activesupport/lib/active_support/current_attributes.rb b/activesupport/lib/active_support/current_attributes.rb
index 9ab1546064..4e6d8e4585 100644
--- a/activesupport/lib/active_support/current_attributes.rb
+++ b/activesupport/lib/active_support/current_attributes.rb
@@ -33,7 +33,7 @@ module ActiveSupport
#
# private
# def authenticate
- # if authenticated_user = User.find_by(id: cookies.signed[:user_id])
+ # if authenticated_user = User.find_by(id: cookies.encrypted[:user_id])
# Current.user = authenticated_user
# else
# redirect_to new_session_url