From bb2985018d48f2b1521d5bd100ebba399d3c380e Mon Sep 17 00:00:00 2001
From: Ken Johnson
Date: Tue, 4 Jun 2013 13:59:41 -0400
Subject: [PATCH] closes issue #7

---
 .../tutorial/ssl_tls/_ssl_tls_first.html.erb | 23 +++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/app/views/layouts/tutorial/ssl_tls/_ssl_tls_first.html.erb b/app/views/layouts/tutorial/ssl_tls/_ssl_tls_first.html.erb
index 5acc83b..3bf824d 100755
--- a/app/views/layouts/tutorial/ssl_tls/_ssl_tls_first.html.erb
+++ b/app/views/layouts/tutorial/ssl_tls/_ssl_tls_first.html.erb
@@ -16,7 +16,9 @@
- Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor +

+ Applications frequently fail to authenticate, encrypt, and protect the confidentiality and integrity of sensitive network traffic. When they do, they sometimes support weak algorithms, use expired or invalid certificates, or do not use them correctly. +

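Review bot: In the added description text, "When they do" at the start of the second sentence has an ambiguous antecedent. Coming right after "frequently fail to authenticate, encrypt, and protect", it reads as "when they fail", while the rest of the sentence only makes sense as "when they do protect the traffic". Suggest spelling it out, for example "When they do protect it, they sometimes support weak algorithms, use expired or invalid certificates, or use them incorrectly."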
@@ -30,7 +32,9 @@
- Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor +

+ The application currently does not use SSL (this is not the bug). Once it does, we will show the bug. For now, check out the solution section. +

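Review bot: The added text for the bug section is a placeholder ("Once it does, we will show the bug"), yet the subject line closes issue #7. If that issue tracks the SSL/TLS tutorial content as a whole, closing it here loses track of the deferred part. Suggest keeping the issue open or referencing a follow-up, so that enabling SSL in the application and writing up the actual bug do not get dropped.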
@@ -44,7 +48,18 @@
- Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor +

+ In order to enforce transport layer security and ensure all requests are made over SSL, navigate to the environment file that matches the environment you would like to apply this to and add: +

+
+				 config.force_ssl = true
+			  
+

+ To protect sessions from being sent over non-encrypted channels, mark your cookies with the secure flag. Under config/initializers/session_store.rb added the following option (highlighted): +

+
+				Railsgoat::Application.config.session_store :cookie_store, key: '_railsgoat_session', :secure => true
+			  
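Review bot: The second step in the solution text is not scoped the way the first one is. `config.force_ssl = true` is described as going into the environment file of your choice, but the `:secure => true` option is added in config/initializers/session_store.rb, which is loaded for every environment. A cookie carrying the secure flag is only sent back over HTTPS, and the hunk at -30 states the application does not currently use SSL, so a reader who copies this line as written gets a session cookie the browser never returns over plain HTTP and cannot stay logged in. Suggest either saying explicitly that this step must go together with serving the environment over SSL, or showing the option tied to the environment, for example `secure: Rails.env.production?`. Two smaller points in the same sentence and sample: "added the following option" should be the imperative "add the following option", and the sample line mixes `key: '...'` with `:secure => true`, where one hash style throughout would read cleaner in a tutorial.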
@@ -58,7 +73,7 @@
- Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor + N/A