我正在阅读RailsTutorial并且我坚持使用测试驱动开发部分。
当我打电话
$ rails generate integration_test static_pages
SECURITY WARNING: No secret option provided to Rack::Session::Cookie.
This poses a security threat. It is strongly recommended that you
provide a secret to prevent exploits that may be possible from crafted
cookies. This will not be supported in future versions of Rack, and
future versions will even invalidate your existing user cookies.
Called from: /Users/Marcus/.rvm/gems/ruby-1.9.3-p448@rails3tutorial2ndEd/gems/actionpack-3.2.3/lib/action_dispatch/middleware/session/abstract_store.rb:28:in `initialize'.
我跑
时收到了类似的错误$ rails server
Marcuss-MacBook-Pro-2:public Marcus$ rails s
=> Booting WEBrick
=> Rails 3.2.3 application starting in development on http://0.0.0.0:3000
=> Call with -d to detach
=> Ctrl-C to shutdown server
SECURITY WARNING: No secret option provided to Rack::Session::Cookie.
This poses a security threat. It is strongly recommended that you
provide a secret to prevent exploits that may be possible from crafted
cookies. This will not be supported in future versions of Rack, and
future versions will even invalidate your existing user cookies.
Called from: /Users/Marcus/.rvm/gems/ruby-1.9.3-p448@rails3tutorial2ndEd/gems/actionpack-3.2.3/lib/action_dispatch/middleware/session/abstract_store.rb:28:in `initialize'.
服务器将运行,但会发生此错误。有谁知道如何解决这个问题?
谢谢 - 如果您需要更多信息,请与我们联系。
答案 0 :(得分:5)
看起来你正在使用Rails 3.2.3。这个问题是fixed in Rails 3.2.11。将Rails升级到3.2系列中的最新版本(目前为3.2.15)将解决此问题,并保护您免受某些严重的安全漏洞的影响,这些漏洞已在高于您使用的版本中修复。
答案 1 :(得分:-1)
此安全警告是在2013年1月6日在rubygems.org上发布的机架1.4.2中引入的。它不会改变您在应用上的工作,所以最好忽略它。