No secret option provided to Rack::Session::Cookie

执行rails s时出现如下错误:
SECURITY WARNING: No secret option provided to Rack::Session::Cookie.
        This poses a security threat. It is strongly recommended that you
        provide a secret to prevent exploits that may be possible from crafted
        cookies. This will not be supported in future versions of Rack, and
        future versions will even invalidate your existing user cookies.


做如下修改
/usr/lib/ruby/gems/1.9.1/gems/actionpack-3.2.9/lib/action_dispatch/middleware/session/abstract_store.rb

module Compatibility
      def initialize(app, options = {})
        options[:key] ||= '_session_id'
        options[:secret] ||= Rails.application.config.secret_token # insert this line, only a temp solution
        super
      end

你可能感兴趣的:(session)