Secure sessions.

author: Heiko Bernloehr <Heiko.Bernloehr@FreeIT.de> 2016-01-27 00:30:48 +0100
committer: Heiko Bernloehr <Heiko.Bernloehr@FreeIT.de> 2016-01-27 01:50:48 +0100
commit: d86ff35bf1d6a26f5136f1250a355bd8d1ad9e02 (patch)
tree: 656d493bae7e296e4677ecbe1db7291597bd6e69
parent: 36e432d10e8e331298b4733fb83ac5958f2b61cf (diff)
download: ecs2-d86ff35bf1d6a26f5136f1250a355bd8d1ad9e02.tar.gz
ecs2-d86ff35bf1d6a26f5136f1250a355bd8d1ad9e02.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 54d3cdf..5f4eac3 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -24,7 +24,8 @@
 # no regular words or you'll be exposed to dictionary attacks.
 ActionController::Base.session = {
   :key         => '_ecs2_session',
-  :secret      => 'd7cbf7e65e30a174a914b6f9bf9769c0ff92666c652bd2c76e4598a0eaf70334719473189c41a043e32d8e7c0294e4b5b6e0e240acbffbe0d2f5708ee6fba93e'
+  :secret      => 'd7cbf7e65e30a174a914b6f9bf9769c0ff92666c652bd2c76e4598a0eaf70334719473189c41a043e32d8e7c0294e4b5b6e0e240acbffbe0d2f5708ee6fba93e',
+  :secure      => true
 }
 
 # Use the database for sessions instead of the cookie-based default,
author	Heiko Bernloehr <Heiko.Bernloehr@FreeIT.de>	2016-01-27 00:30:48 +0100
committer	Heiko Bernloehr <Heiko.Bernloehr@FreeIT.de>	2016-01-27 01:50:48 +0100
commit	d86ff35bf1d6a26f5136f1250a355bd8d1ad9e02 (patch)
tree	656d493bae7e296e4677ecbe1db7291597bd6e69
parent	36e432d10e8e331298b4733fb83ac5958f2b61cf (diff)
download	ecs2-d86ff35bf1d6a26f5136f1250a355bd8d1ad9e02.tar.gz ecs2-d86ff35bf1d6a26f5136f1250a355bd8d1ad9e02.zip