Inform people that were using the cookie store as default and a caveat

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@7483 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
author: David Heinemeier Hansson <david@loudthinking.com> 2007-09-15 21:22:27 +0000
committer: David Heinemeier Hansson <david@loudthinking.com> 2007-09-15 21:22:27 +0000
commit: 2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3 (patch)
tree: bf1b96352ffaf84d78bfc26debd5cad324f2a693 /railties/environments
parent: 494d2c631bbfacd6d67c5c502422c2502c2fcd3a (diff)
download: rails-2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3.tar.gz
rails-2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3.tar.bz2
rails-2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/railties/environments/environment.rb b/railties/environments/environment.rb
index 73ebf20d3f..c34a07e024 100644
--- a/railties/environments/environment.rb
+++ b/railties/environments/environment.rb
@@ -33,7 +33,8 @@ Rails::Initializer.run do |config|
     :secret      => '<%= app_secret %>'
   }
 
-  # Use the database for sessions instead of the file system
+  # Use the database for sessions instead of the cookie-based default,
+  # which shouldn't be used to store highly confidential information
   # (create the session table with 'rake db:sessions:create')
   # config.action_controller.session_store = :active_record_store
author	David Heinemeier Hansson <david@loudthinking.com>	2007-09-15 21:22:27 +0000
committer	David Heinemeier Hansson <david@loudthinking.com>	2007-09-15 21:22:27 +0000
commit	2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3 (patch)
tree	bf1b96352ffaf84d78bfc26debd5cad324f2a693 /railties/environments
parent	494d2c631bbfacd6d67c5c502422c2502c2fcd3a (diff)
download	rails-2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3.tar.gz rails-2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3.tar.bz2 rails-2fba012c018a7e29e5e0afa2ba6a6ea91b07b0a3.zip