From 70117b02949ccd724735aec8f4f19db4171e9e05 Mon Sep 17 00:00:00 2001 From: Jeremy Kemper Date: Sat, 15 Dec 2007 02:27:56 +0000 Subject: Introduce (in /Users/jeremy/rails/git/trunk) to output a crytographically secure secret key for use with cookie sessions. git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8400 5ecf4fe2-1ee6-0310-87b1-e25e094e27de --- actionpack/lib/action_controller/session/cookie_store.rb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'actionpack/lib/action_controller/session/cookie_store.rb') diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb index 0da092225a..e33a241e99 100644 --- a/actionpack/lib/action_controller/session/cookie_store.rb +++ b/actionpack/lib/action_controller/session/cookie_store.rb @@ -34,6 +34,9 @@ require 'openssl' # to generate the HMAC message digest # defaults to 'SHA1' but may be any digest provided by OpenSSL, # such as 'MD5', 'RIPEMD160', 'SHA256', etc. # +# To generate a secret key for an existing application, run +# `rake generate:secret` and set the key in config/environment.rb +# # Note that changing digest or secret invalidates all existing sessions! class CGI::Session::CookieStore # Cookies can typically store 4096 bytes. -- cgit v1.2.3