2013年10月23日 星期三

安裝 ruby 1.9.3 and rails 3.2.9 server start 會出現 警告!

SECURITY WARNING: No secret option provided to Rack::Session::Cookie.
This poses a security threat. It is strongly recommended that you
provide a secret to prevent exploits that may be possible from crafted
cookies. This will not be supported in future versions of Rack, and
future versions will even invalidate your existing user cookies.

找出ruby 的所在位置 
gems/ruby-1.9.3-p327/gems/actionpack-3.2.10/lib/action_dispatch/middleware/session目錄下的abstract_store.rb,插一行藍色即可:


module Compatibility
      def initialize(app, options = {})
        options[:key] ||= '_session_id'
        options[:secret] ||= Rails.application.config.secret_token 
        super
end

【下列文章您可能也有興趣】

沒有留言: