From 69d9600f48d8ca89458165bc059e3ce00b7527bf Mon Sep 17 00:00:00 2001 From: Eric Davis Date: Sat, 19 Jun 2010 20:04:47 +0000 Subject: [PATCH] Added documentation about the session_path. #3968 git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3785 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- lib/tasks/initializers.rake | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/tasks/initializers.rake b/lib/tasks/initializers.rake index ce8747504..cec557250 100644 --- a/lib/tasks/initializers.rake +++ b/lib/tasks/initializers.rake @@ -17,6 +17,13 @@ file 'config/initializers/session_store.rb' do # you'll be exposed to dictionary attacks. ActionController::Base.session = { :session_key => '_redmine_session', + # + # Uncomment and edit the :session_path below if are hosting your Redmine + # at a suburi and don't want the top level path to access the cookies + # + # See: http://www.redmine.org/issues/3968 + # + # :session_path => '/url_path_to/your/redmine/', :secret => '#{secret}' } EOF