aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
diff options
context:
space:
mode:
Diffstat (limited to 'actionpack')
-rw-r--r--actionpack/lib/action_controller/cookies.rb2
-rw-r--r--actionpack/lib/action_controller/response.rb3
-rw-r--r--actionpack/test/controller/cookie_test.rb2
3 files changed, 5 insertions, 2 deletions
diff --git a/actionpack/lib/action_controller/cookies.rb b/actionpack/lib/action_controller/cookies.rb
index 840ceb5abd..ca380e98d0 100644
--- a/actionpack/lib/action_controller/cookies.rb
+++ b/actionpack/lib/action_controller/cookies.rb
@@ -41,7 +41,7 @@ module ActionController #:nodoc:
# * <tt>:expires</tt> - The time at which this cookie expires, as a Time object.
# * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers.
# Default is +false+.
- # * <tt>:http_only</tt> - Whether this cookie is accessible via scripting or
+ # * <tt>:httponly</tt> - Whether this cookie is accessible via scripting or
# only HTTP. Defaults to +false+.
module Cookies
def self.included(base)
diff --git a/actionpack/lib/action_controller/response.rb b/actionpack/lib/action_controller/response.rb
index 4533c12074..6659907975 100644
--- a/actionpack/lib/action_controller/response.rb
+++ b/actionpack/lib/action_controller/response.rb
@@ -169,6 +169,9 @@ module ActionController # :nodoc:
def set_cookie(key, value)
if value.has_key?(:http_only)
+ ActiveSupport::Deprecation.warn(
+ "The :http_only option in ActionController::Response#set_cookie " +
+ "has been renamed. Please use :httponly instead.", caller)
value[:httponly] ||= value.delete(:http_only)
end
diff --git a/actionpack/test/controller/cookie_test.rb b/actionpack/test/controller/cookie_test.rb
index 9508348ca1..657be3c4e4 100644
--- a/actionpack/test/controller/cookie_test.rb
+++ b/actionpack/test/controller/cookie_test.rb
@@ -33,7 +33,7 @@ class CookieTest < ActionController::TestCase
end
def authenticate_with_http_only
- cookies["user_name"] = { :value => "david", :http_only => true }
+ cookies["user_name"] = { :value => "david", :httponly => true }
end
def rescue_action(e)