From 274a3aa64cb903c52a41d1767cac0bc3eae44172 Mon Sep 17 00:00:00 2001
From: Trevor Turk <trevorturk@gmail.com>
Date: Thu, 28 Mar 2013 14:35:48 -0500
Subject: Allow transparent upgrading of legacy signed cookies to encrypted
 cookies; Automatically configure cookie-based sessions to use the best cookie
 jar given the app's config

---
 railties/lib/rails/application.rb | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

(limited to 'railties/lib/rails/application.rb')

diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 563905e8b3..455ceed5f8 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@@ -1,4 +1,5 @@
 require 'fileutils'
+require 'active_support/core_ext/object/blank'
 # FIXME remove DummyKeyGenerator and this require in 4.1
 require 'active_support/key_generator'
 require 'rails/engine'
@@ -122,7 +123,8 @@ module Rails
     #
     #   * "action_dispatch.parameter_filter"             => config.filter_parameters
     #   * "action_dispatch.redirect_filter"              => config.filter_redirect
-    #   * "action_dispatch.secret_token"                 => config.secret_token,
+    #   * "action_dispatch.secret_token"                 => config.secret_token
+    #   * "action_dispatch.secret_key_base"              => config.secret_key_base
     #   * "action_dispatch.show_exceptions"              => config.action_dispatch.show_exceptions
     #   * "action_dispatch.show_detailed_exceptions"     => config.consider_all_requests_local
     #   * "action_dispatch.logger"                       => Rails.logger
@@ -135,13 +137,12 @@ module Rails
     #
     def env_config
       @app_env_config ||= begin
-        if config.secret_key_base.nil?
-          ActiveSupport::Deprecation.warn "You didn't set config.secret_key_base in config/initializers/secret_token.rb file. " +
-            "This should be used instead of the old deprecated config.secret_token in order to use the new EncryptedCookieStore. " +
-            "To convert safely to the encrypted store (without losing existing cookies and sessions), see http://guides.rubyonrails.org/upgrading_ruby_on_rails.html#action-pack"
+        if config.secret_key_base.blank?
+          ActiveSupport::Deprecation.warn "You didn't set config.secret_key_base. " +
+            "Read the upgrade documentation to learn more about this new config option."
 
           if config.secret_token.blank?
-            raise "You must set config.secret_key_base in your app's config"
+            raise "You must set config.secret_key_base in your app's config."
           end
         end
 
-- 
cgit v1.2.3