team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

slight change to make our cookie even more insecure

Browse Source
This commit is contained in:
cktricky
2014-06-27 12:05:50 -04:00
parent c8e48e1c3c
commit 2a12765933
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config/initializers/session_store.rb
+1 -1
View File
@@ -1,6 +1,6 @@
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
Railsgoat::Application.config.session_store :cookie_store, key: '_railsgoat_session' Railsgoat::Application.config.session_store :cookie_store, key: '_railsgoat_session', httponly: false
# Use the database for sessions instead of the cookie-based default, # Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information # which shouldn't be used to store highly confidential information