This method is deprecated or moved on the latest stable version.
The last existing version (v2.2.1) is shown here.
ensure_secret_secure(secret)
public
To prevent users from using something insecure like "Password" we
make sure that the secret they’ve provided is at least 30 characters
in length.
# File actionpack/lib/action_controller/session/cookie_store.rb, line 85
def ensure_secret_secure(secret)
# There's no way we can do this check if they've provided a proc for the
# secret.
return true if secret.is_a?(Proc)
if secret.blank?
raise ArgumentError, %Q{A secret is required to generate an integrity hash for cookie session data. Use config.action_controller.session = { :session_key => "_myapp_session", :secret => "some secret phrase of at least #{SECRET_MIN_LENGTH} characters" } in config/environment.rb}
end
if secret.length < SECRET_MIN_LENGTH
raise ArgumentError, %Q{Secret should be something secure, like "#{CGI::Session.generate_unique_id}". The value you provided, "#{secret}", is shorter than the minimum length of #{SECRET_MIN_LENGTH} characters}
end
end
