Actions
Defect #12755
closed
Rack SECURITY WARNING: No secret option provided to Rack::Session::Cookie.
Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Gems support
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Resolution:
Wont fix
Affected version:
Description
/home/user/.rvm/rubies/jruby-1.7.0/bin/jruby --1.9 -e $stdout.sync=true;$stderr.sync=true;load($0=ARGV.shift) /home/user/redmine-2.2/script/rails server -b 172.16.107.48 -p 3000 -e production
=> Booting WEBrick
=> Rails 3.2.10 application starting in production on http://localhost:3000
=> Call with -d to detach
=> Ctrl-C to shutdown server
/home/usre/redmine-2.2/lib/redmine.rb:26 warning: already initialized constant FCSV
SECURITY WARNING: No secret option provided to Rack::Session::Cookie.
This poses a security threat. It is strongly recommended that you
provide a secret to prevent exploits that may be possible from crafted
cookies. This will not be supported in future versions of Rack, and
future versions will even invalidate your existing user cookies.Called from: /home/user/.rvm/gems/jruby-1.7.0/gems/actionpack-3.2.10/lib/action_dispatch/middleware/session/abstract_store.rb:28:in `initialize'.[2013-01-07 15:12:01] INFO WEBrick 1.3.1
[2013-01-07 15:12:01] INFO ruby 1.9.3 (2012-11-28) [java]
[2013-01-07 15:12:01] INFO WEBrick::HTTPServer#start: pid=17280 port=3000
seel also http://stackoverflow.com/questions/10374871/no-secret-option-provided-to-racksessioncookie-warning
Updated by 
Updated by 
Updated by
Actions