diff options
| author | Yauheni Dakuka <yauheni.dakuka@gmail.com> | 2017-09-13 09:36:53 +0300 |
|---|---|---|
| committer | Yauheni Dakuka <yauheni.dakuka@gmail.com> | 2017-09-13 09:36:53 +0300 |
| commit | 70bb0cc2ec9ab13f362a2cc9d414c8622c74e796 (patch) | |
| tree | fb5c6857b78a09e6dc8c010ed4e1be2fe3022d9e /guides | |
| parent | 5af7d475c8cd7d3dbffca7452f3dcb221896e8e5 (diff) | |
| download | rails-70bb0cc2ec9ab13f362a2cc9d414c8622c74e796.tar.gz rails-70bb0cc2ec9ab13f362a2cc9d414c8622c74e796.tar.bz2 rails-70bb0cc2ec9ab13f362a2cc9d414c8622c74e796.zip | |
Fix created_at [ci skip]
Diffstat (limited to 'guides')
| -rw-r--r-- | guides/source/security.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/guides/source/security.md b/guides/source/security.md index d0d7e12b0a..882daa9806 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -189,7 +189,7 @@ class Session < ApplicationRecord end ``` -The section about session fixation introduced the problem of maintained sessions. An attacker maintaining a session every five minutes can keep the session alive forever, although you are expiring sessions. A simple solution for this would be to add a created_at column to the sessions table. Now you can delete sessions that were created a long time ago. Use this line in the sweep method above: +The section about session fixation introduced the problem of maintained sessions. An attacker maintaining a session every five minutes can keep the session alive forever, although you are expiring sessions. A simple solution for this would be to add a `created_at` column to the sessions table. Now you can delete sessions that were created a long time ago. Use this line in the sweep method above: ```ruby delete_all "updated_at < '#{time.ago.to_s(:db)}' OR |