Rails3.2.3+ruby1.9.3 环境搭建，提示安全警告

错误描述：

照着教程搭建了Rails的环境，能够正常运行，但是会但一个警告，如下：

SECURITY WARNING: No secret option provided to Rack::Session::Cookie.
This poses a security threat. It is strongly recommended that you
provide a secret to prevent exploits that may be possible from crafted
cookies. This will not be supported in future versions of Rack, and
future versions will even invalidate your existing user cookies.

Called from: E:/ruby193_323/ruby-1.9.3/lib/ruby/gems/1.9.1/gems/actionpack-3.2.3/lib/action_dispatch/middleware/session/abstract_store.rb:28:in `initialize'.

解决方案：

stackoverflow已经有讨论，无需修正，或者硬要修的话，修改/home/soledad/.rvm/gems/ruby-1.9.3-p327/gems/actionpack-3.2.10/lib/action_dispatch/middleware/session目录下的abstract_store.rb，插一行即可:

    module Compatibility
      def initialize(app, options = {})
        options[:key] ||= '_session_id'
        options[:secret] ||= Rails.application.config.secret_token # insert this line, only a temp solution
        super
      end

参考资料：

http://ruby-china.org/topics/7858

posted @ 2013-10-25 15:04 鞋带松了阅读(256) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

鞋带松了

Rails3.2.3+ruby1.9.3 环境搭建，提示安全警告

公告