From 170cb2ee9ba825c6f9ea6544bb118f7e31194251 Mon Sep 17 00:00:00 2001
From: Benjamin Fleischer <bf4@users.noreply.github.com>
Date: Thu, 25 Oct 2018 10:36:39 -0500
Subject: ActionController::API *does* support cookies, sessions

ActionController::Metal provides session support by delegating `session  to the request (`"@_request"`)
https://github.com/rails/rails/blob/a3dcba42e2422eb9c2e77011a39ce72dc934b420/actionpack/lib/action_controller/metal.rb#L149

Though the ActionController::Cookies modules isn't included, it's really a convenience for providing a first class `cookies` object.

*all* ActionController::Metal subclasses support setting cookies via the `session` object.
---
 actionpack/lib/action_controller/api.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'actionpack/lib')

diff --git a/actionpack/lib/action_controller/api.rb b/actionpack/lib/action_controller/api.rb
index 93ffff1bd6..c276ee57c0 100644
--- a/actionpack/lib/action_controller/api.rb
+++ b/actionpack/lib/action_controller/api.rb
@@ -12,7 +12,7 @@ module ActionController
   #
   # An API Controller is different from a normal controller in the sense that
   # by default it doesn't include a number of features that are usually required
-  # by browser access only: layouts and templates rendering, cookies, sessions,
+  # by browser access only: layouts and templates rendering,
   # flash, assets, and so on. This makes the entire controller stack thinner,
   # suitable for API applications. It doesn't mean you won't have such
   # features if you need them: they're all available for you to include in
-- 
cgit v1.2.3