views:

24

answers:

1

Hi! I started reading Agile Web Development with Rails, its a very good book!

I have one question: I store session in database, I want comment out this line in application_controller:

protect_from_forgery :secret => '8fc080370e56e929a2d5afca5540a0f7'

in rails 2.3.8. its different (# See ActionController::RequestForgeryProtection for details), where is this setting?

+1  A: 

In application controller you should have:

class ApplicationController < ActionController::Base
  protect_from_forgery
end

In config/initializers/session_store.rb:

ActionController::Base.session = {
  :key         => '_example_session',
  :secret      => 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
}

ActionController::Base.session_store = :active_record_store
Voldy