Merge branch 'release/0.11'0.11.0.3

author: Louise Crow <louise.crow@gmail.com> 2013-06-04 15:03:02 +0100
committer: Louise Crow <louise.crow@gmail.com> 2013-06-04 15:03:02 +0100
commit: a885764b65916020d9182073b38f6951a20d4b8c (patch)
tree: 0988651c144b65a8e46b28b376b2e72a5947d934 /config/initializers/secret_token.rb
parent: eb1c465162420ad62c16dccb983cb28aa89a4639 (diff)
parent: a919141992a40599f99b32bd4a8312a0009f3f7a (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb
new file mode 100644
index 000000000..d120b94ae
--- /dev/null
+++ b/config/initializers/secret_token.rb
@@ -0,0 +1,12 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+
+# Just plopping an extra character on the secret_token so that any sessions on upgrading from
+# Rails 2 to Rails 3 version of Alaveteli are invalidated.
+# See http://blog.carbonfive.com/2011/03/19/rails-3-upgrade-tip-invalidate-session-cookies/
+
+Alaveteli::Application.config.secret_token = "3" + AlaveteliConfiguration::cookie_store_session_secret
author	Louise Crow <louise.crow@gmail.com>	2013-06-04 15:03:02 +0100
committer	Louise Crow <louise.crow@gmail.com>	2013-06-04 15:03:02 +0100
commit	a885764b65916020d9182073b38f6951a20d4b8c (patch)
tree	0988651c144b65a8e46b28b376b2e72a5947d934 /config/initializers/secret_token.rb
parent	eb1c465162420ad62c16dccb983cb28aa89a4639 (diff)
parent	a919141992a40599f99b32bd4a8312a0009f3f7a (diff)