I decided to have a go at this tonight. Patch attached at http://rails.lighthouseapp.com/projects/8994-ruby-on-rails/tickets/957
I'm happy to hear any feedback on the patch - as it might have a broader impact than I'm aware of with my limited experience hacking on rails source. Cheers, Tim. On Tue, Sep 2, 2008 at 7:11 PM, Michael Koziarski <[EMAIL PROTECTED]>wrote: > > > I'm wondering if the secret param should ever be used when using the > cookie > > session store? If not, should rails raise an error when configured with > the > > cookie store and secret param? > > Ideally yes, rails would raise an error when misconfigured like this. > I believe at present the presence or absence of the :secret key is > something which determines which approach to use, so it might require > a little bit of refactoring first. > > > > -- > Cheers > > Koz > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---
