2 files changed, 3 insertions, 5 deletions

diff --git a/actionpack/test/controller/cookie_test.rb b/actionpack/test/controller/cookie_test.rb
index 278cae1415..4971866e7c 100644
--- a/actionpack/test/controller/cookie_test.rb
+++ b/actionpack/test/controller/cookie_test.rb
@@ -1,7 +1,5 @@
 require 'abstract_unit'
 
-ActionController::Base.config.secret = "thisISverySECRET123"
-
 class CookieTest < ActionController::TestCase
   class TestController < ActionController::Base
     def authenticate
@@ -76,6 +74,7 @@ class CookieTest < ActionController::TestCase
 
   def setup
     super
+    @request.env["action_dispatch.secret_token"] = "thisISverySECRET123"
     @request.host = "www.nextangle.com"
   end
 
diff --git a/actionpack/test/controller/http_digest_authentication_test.rb b/actionpack/test/controller/http_digest_authentication_test.rb
index eb2af523a2..b011536717 100644
--- a/actionpack/test/controller/http_digest_authentication_test.rb
+++ b/actionpack/test/controller/http_digest_authentication_test.rb
@@ -41,8 +41,7 @@ class HttpDigestAuthenticationTest < ActionController::TestCase
   setup do
     # Used as secret in generating nonce to prevent tampering of timestamp
     @secret = "session_options_secret"
-    @controller.config.secret = @secret
-    # @old_secret, ActionController::Base.config.secret[:secret] = ActionController::Base.session_options[:secret], @secret
+    @request.env["action_dispatch.secret_token"] = @secret
   end
 
   teardown do
@@ -206,7 +205,7 @@ class HttpDigestAuthenticationTest < ActionController::TestCase
 
   test "validate_digest_response should fail with nil returning password_procedure" do
     @request.env['HTTP_AUTHORIZATION'] = encode_credentials(:username => nil, :password => nil)
-    assert !ActionController::HttpAuthentication::Digest.validate_digest_response(@secret, @request, "SuperSecret"){nil}
+    assert !ActionController::HttpAuthentication::Digest.validate_digest_response(@request, "SuperSecret"){nil}
   end
 
   private