1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Updating 3.0 release notes with cookie session store and secret changes

This commit is contained in:
Mikel Lindsaar 2010-03-11 22:18:28 +11:00
parent 6932b180f8
commit 0db8af1099

View file

@ -233,8 +233,8 @@ More Information: - "Rails Edge Architecture":http://yehudakatz.com/2009/06/11/r
h4. Action Controller
* <tt>application_controller.rb</tt> now has <tt>protect_from_forgery</tt> on by default.
* The <tt>cookie_verifier_secret</tt> has been moved to <tt>initializers/cookie_verification_secret.rb</tt>.
* The <tt>session_store</tt> configuration has moved to <tt>initializers/session_store.rb</tt>.
* The <tt>cookie_verifier_secret</tt> has been deprecated and now instead it is assigned through <tt>Rails.application.config.cookie_secret</tt> and moved into it's own file: <tt>initializers/cookie_verification_secret.rb</tt>.
* The <tt>session_store</tt> configuration has also been changed from a hash assignment to <tt>ActionController::Base.session</tt> to <tt>Rails.application.config.session_store</tt> has also has been moved to <tt>initializers/session_store.rb</tt>.
* <tt>cookies.secure</tt> allowing you to set encrypted values in cookies with <tt>cookie.secure[:key] => value</tt>.
* <tt>cookies.permanent</tt> allowing you to set permanent values in the cookie hash <tt>cookie.permanent[:key] => value</tt> that raise exceptions on signed values if verification failures.
* You can now pass <tt>:notice => 'This is a flash message'</tt> or <tt>:alert => 'Something went wrong'</tt> to the <tt>format</tt> call inside a +respond_to+ block. The <tt>flash[]</tt> hash still works as previously.
@ -322,7 +322,6 @@ Produces:
* I18n select label on should now be :en.helpers.select instead of :en.support.select.
* You no longer need to place a minus sign at the end of a ruby interpolation inside an ERb template to remove the trailing carriage return in the HTML output.
* Added +grouped_collection_select+ helper to Action View.
* Action View now will raise exceptions if CSS stylesheets and javascript files listed in the +javascript_include_tag+ and +stylesheet_include_tag+ helpers are missing.
* +content_for?+ has been added allowing you to check for the existence of content in a view before rendering.