mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Merge pull request #31653 from ydakuka/fix-typo-0801
Fix typos [ci skip]
This commit is contained in:
commit
5e8c79a6fa
5 changed files with 5 additions and 5 deletions
|
@ -474,7 +474,7 @@ The common admin interface works like this: it's located at www.example.com/admi
|
||||||
|
|
||||||
* Does the admin really have to access the interface from everywhere in the world? Think about _limiting the login to a bunch of source IP addresses_. Examine request.remote_ip to find out about the user's IP address. This is not bullet-proof, but a great barrier. Remember that there might be a proxy in use, though.
|
* Does the admin really have to access the interface from everywhere in the world? Think about _limiting the login to a bunch of source IP addresses_. Examine request.remote_ip to find out about the user's IP address. This is not bullet-proof, but a great barrier. Remember that there might be a proxy in use, though.
|
||||||
|
|
||||||
* _Put the admin interface to a special sub-domain_ such as admin.application.com and make it a separate application with its own user management. This makes stealing an admin cookie from the usual domain, www.application.com, impossible. This is because of the same origin policy in your browser: An injected (XSS) script on www.application.com may not read the cookie for admin.application.com and vice-versa.
|
* _Put the admin interface to a special subdomain_ such as admin.application.com and make it a separate application with its own user management. This makes stealing an admin cookie from the usual domain, www.application.com, impossible. This is because of the same origin policy in your browser: An injected (XSS) script on www.application.com may not read the cookie for admin.application.com and vice-versa.
|
||||||
|
|
||||||
User Management
|
User Management
|
||||||
---------------
|
---------------
|
||||||
|
|
|
@ -272,7 +272,7 @@ that promise is to put it as close as possible to the blocking call:
|
||||||
Rails.application.executor.wrap do
|
Rails.application.executor.wrap do
|
||||||
th = Thread.new do
|
th = Thread.new do
|
||||||
Rails.application.executor.wrap do
|
Rails.application.executor.wrap do
|
||||||
User # inner thread can acquire the load lock,
|
User # inner thread can acquire the 'load' lock,
|
||||||
# load User, and continue
|
# load User, and continue
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue