Project

General

Profile

Refactor #7570

set secret_key_base for rails 6.0 upgrade

Added by Joseph Magen almost 6 years ago. Updated 8 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Rails
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Fixed in Releases:
Found in Releases:

Related issues

Related to Foreman - Tracker #15715: Rails 5.0 upgrade tasksResolved2016-07-18

Related to Foreman - Tracker #20948: Rails 5.1 upgrade tasksClosed2017-09-16

Related to Foreman - Tracker #21834: Rails 5.2 upgrade tasksClosed

Has duplicate Foreman - Refactor #14022: secret_key_base should be configuredDuplicate2016-03-02
Blocks Foreman - Tracker #24837: Rails 6.0 TrackerClosed

Associated revisions

Revision 1f82adb0 (diff)
Added by Tomer Brisker 8 months ago

Fixes #7570 - Replace `secret_token` with `secret_key_base`

This new config setting was introduced in Rails 4 to allow encrypting
cookies. The old setting is being removed in Rails 6.

History

#1 Updated by Joseph Magen almost 6 years ago

http://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html

Rails 4.0 encrypts the contents of cookie-based sessions if secret_key_base has been set. Rails 3.x signed, but did not encrypt, the contents of cookie-based session. Signed cookies are "secure" in that they are verified to have been generated by your app and are tamper-proof. However, the contents can be viewed by end users, and encrypting the contents eliminates this caveat/concern without a significant performance penalty.

#2 Updated by Brandon Weeks over 4 years ago

#3 Updated by Dominic Cleal over 4 years ago

  • Blocked by deleted (Refactor #14022: secret_key_base should be configured)

#4 Updated by Dominic Cleal over 4 years ago

  • Has duplicate Refactor #14022: secret_key_base should be configured added

#5 Updated by Anonymous almost 3 years ago

#6 Updated by Anonymous almost 3 years ago

#7 Updated by Anonymous over 2 years ago

#8 Updated by Anonymous over 2 years ago

  • Subject changed from set secret_key_base for rails 4 upgrade to set secret_key_base for rails 6.0 upgrade
  • Tracker changed from Bug to Refactor

#9 Updated by Anonymous almost 2 years ago

#10 Updated by Anonymous almost 2 years ago

#11 Updated by Anonymous almost 2 years ago

#12 Updated by The Foreman Bot 8 months ago

  • Assignee set to Tomer Brisker
  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/7285 added

#13 Updated by The Foreman Bot 8 months ago

  • Fixed in Releases 2.0.0 added

#14 Updated by Tomer Brisker 8 months ago

  • Status changed from Ready For Testing to Closed

Also available in: Atom PDF