diff options
author | bogdanvlviv <bogdanvlviv@gmail.com> | 2018-03-14 13:40:43 +0200 |
---|---|---|
committer | bogdanvlviv <bogdanvlviv@gmail.com> | 2018-03-14 14:19:27 +0200 |
commit | c8a22bb9eef2654c87a0fdb9139d868caf482ec0 (patch) | |
tree | 6bc2bd16b9a43af6bb8f687f3cd4e8df8f0a5ac8 /guides/source/configuring.md | |
parent | ae7a57209d0a2365a6e90684e45d55b7de78101d (diff) | |
download | rails-c8a22bb9eef2654c87a0fdb9139d868caf482ec0.tar.gz rails-c8a22bb9eef2654c87a0fdb9139d868caf482ec0.tar.bz2 rails-c8a22bb9eef2654c87a0fdb9139d868caf482ec0.zip |
Update "Upgrading from Rails 5.1 to Rails 5.2" [ci skip]
Add section "Expiry in signed or encrypted cookie is now embedded in the cookies values"
to `master` since it should always be in the guides, not only for version 5.2.
Add info about `config.action_dispatch.use_authenticated_cookie_encryption`
to the "Configuring Rails Applications" guide.
It was committed straight to `5-2-stable` since we don't need this
functionality in 6.0. Related to b25fcbc074ea688765af62a163698d5449221a8c.
Diffstat (limited to 'guides/source/configuring.md')
-rw-r--r-- | guides/source/configuring.md | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/guides/source/configuring.md b/guides/source/configuring.md index a87b8a2f48..368b74f708 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -502,6 +502,10 @@ Defaults to `'signed cookie'`. * `config.action_dispatch.cookies_rotations` allows rotating secrets, ciphers, and digests for encrypted and signed cookies. +* `config.action_dispatch.use_authenticated_cookie_encryption` controls whether + signed and encrypted cookies use the AES-256-GCM cipher or + the older AES-256-CBC cipher. It defaults to `true`. + * `config.action_dispatch.perform_deep_munge` configures whether `deep_munge` method should be performed on the parameters. See [Security Guide](security.html#unsafe-query-generation) for more information. It defaults to `true`. |