新手问题 出现 config.secret_token error 的原因 / 原理?

tailang · 2013年05月10日 · 最后由 zj0713001 回复于 2013年05月10日 · 5275 次阅读

在 github 上 clone 了一个项目,准备学习,但是 rails s 时出现下面的错误:

ArgumentError (A secret is required to generate an integrity hash for cookie session data. Use config.secret_token = "some secret phrase of at least 30 characters"in config/initializers/secret_token.rb)

现在知道解决方法:

$rake secret

但是还是不太明白为什么出现这个错误

哪个项目?给出地址看看?

对比下rake secret前后的结果就知道了嘛 rake secret前:

# Be sure to restart your server when you modify this file.

# Your secret key for verifying the integrity of signed cookies.
# If you change this key, all old signed cookies will become invalid!
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
Rabel::Application.config.secret_token = ENV['SECRET_TOKEN']

rake secret后:

# Be sure to restart your server when you modify this file.

# Your secret key for verifying the integrity of signed cookies.
# If you change this key, all old signed cookies will become invalid!
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
Rabel::Application.config.secret_token = 'a983e6bd6bf8887301c27220b46ec936bf9ef85de195da7f535a8a5d937f4cdb840dcd69e6b54a8cf894a117bbc3de5ba45b806bbaba5d022e611c789d3ffeca'

checkout 这个项目下来的时候 secret_token 实质上是环境变量中的 Secret Token,但是你当时肯定没有设置过,长度为 0,< 30,所以报错了。rake secret后重新替你生成了这个文件,自然就符合要求了。

config/application.example.yml 改名字了么

@iBachue 谢谢,麻烦了,现在明白了

#7 楼 @tailang 那不应该啊 application.example.yml 里面是默认有 ENV['SECRET_TOKEN'] 的 诡异了

需要 登录 后方可回复, 如果你还没有账号请 注册新账号