Rails wtf. 3.2.10 出现 Rack::Session::Cookie SECURITY WARNING

calebx · 2013年01月07日 · 最后由 charles 回复于 2013年01月08日 · 4287 次阅读

启动服务出现这么一段 warning... SECURITY WARNING: No secret option provided to Rack::Session::Cookie. This poses a security threat. It is strongly recommended that you provide a secret to prevent exploits that may be possible from crafted cookies. This will not be supported in future versions of Rack, and future versions will even invalidate your existing user cookies.

Called from: /Users/calebx/.rvm/gems/ruby-1.9.3-p194/gems/actionpack-3.2.10/lib/action_dispatch/middleware/session/abstract_store.rb:28:in `initialize'.

wtf...

http://stackoverflow.com/questions/10374871/no-secret-option-provided-to-racksessioncookie-warning

This is a Rails bug, as the subclass is violating the superclass API contract.

The warning can be safely ignored by Rails users.

需要 登录 后方可回复, 如果你还没有账号请 注册新账号