`

No secret option provided to Rack::Session::Cookie

 
阅读更多
执行rails s时出现如下错误: 
SECURITY WARNING: No secret option provided to Rack::Session::Cookie.
        This poses a security threat. It is strongly recommended that you
        provide a secret to prevent exploits that may be possible from crafted
        cookies. This will not be supported in future versions of Rack, and
        future versions will even invalidate your existing user cookies.


做如下修改
/usr/lib/ruby/gems/1.9.1/gems/actionpack-3.2.9/lib/action_dispatch/middleware/session/abstract_store.rb 

module Compatibility
      def initialize(app, options = {})
        options[:key] ||= '_session_id'
        options[:secret] ||= Rails.application.config.secret_token # insert this line, only a temp solution
        super
      end
分享到:
| rails 调试
评论
发表评论

您还没有登录,请您登录后再发表评论

相关推荐

Magicbox
Global site tag (gtag.js) - Google Analytics