Refactor #7570: set secret_key_base for rails 6.0 upgrade - Foreman

Rails 4.0 encrypts the contents of cookie-based sessions if secret_key_base has been set. Rails 3.x signed, but did not encrypt, the contents of cookie-based session. Signed cookies are "secure" in that they are verified to have been generated by your app and are tamper-proof. However, the contents can be viewed by end users, and encrypting the contents eliminates this caveat/concern without a significant performance penalty.

Actions

Copy link

Updated by Brandon Weeks almost 9 years ago

Blocked by Refactor #14022: secret_key_base should be configured added

Actions

Copy link

Updated by Dominic Cleal almost 9 years ago

Blocked by deleted (Refactor #14022: secret_key_base should be configured)

Actions

Copy link

Updated by Dominic Cleal almost 9 years ago

Has duplicate Refactor #14022: secret_key_base should be configured added

Actions

Copy link

Updated by Anonymous about 7 years ago

Related to Tracker #15715: Rails 5.0 upgrade tasks added

Actions

Copy link

Updated by Anonymous about 7 years ago

Related to Tracker #20948: Rails 5.1 upgrade tasks added

Actions

Copy link

Updated by Anonymous about 7 years ago

Related to Tracker #21834: Rails 5.2 upgrade tasks added

Actions

Copy link

Updated by Anonymous almost 7 years ago

Tracker changed from Bug to Refactor
Subject changed from set secret_key_base for rails 4 upgrade to set secret_key_base for rails 6.0 upgrade