Clever Geek Handbook

Why was session_store.rb removed in Rails 5.1?

Rails 5.1 deletes the file config/initializers/session_store.rb

. the upgrade manual does not mention this. Can someone explain why it was removed and what should we do with our existing file? My current file looks like this:

Rails.application.config.session_store(
  :cookie_store,
  :key => '_foo_session', # any value
  :secure => Rails.env.production? || Rails.env.staging?, # Only send cookie over SSL when in production and staging
  :http_only => true # Don't allow Javascript to access the cookie (mitigates cookie-based XSS exploits)
)
+3


source to share


No one has answered this question yet

Check out similar questions:



More articles:


All Articles