Default Rails salts are safe with long enough secret_key_base

Marcin Kulik 2016-10-16 14:10:07 +02:00
parent 821cef7bf0
commit fed8fc8c8c


@ -34,9 +34,9 @@ defmodule Asciinema.Endpoint do
store: PlugRailsCookieSessionStore, store: PlugRailsCookieSessionStore,
key: "_asciinema_session", key: "_asciinema_session",
secure: System.get_env("SCHEME") == "https", secure: System.get_env("SCHEME") == "https",
signing_salt: System.get_env("SESSION_SIGNING_SALT") || "signed encrypted cookie", signing_salt: "signed encrypted cookie",
encrypt: true, encrypt: true,
encryption_salt: System.get_env("SESSION_ENCRYPTION_SALT") || "encrypted cookie", encryption_salt: "encrypted cookie",
key_iterations: 1000, key_iterations: 1000,
key_length: 64, key_length: 64,
key_digest: :sha, key_digest: :sha,
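Review bot: With `signing_salt` and `encryption_salt` now fixed literals, the session cookie's integrity and confidentiality rest entirely on secret_key_base, and nothing in this hunk documents or enforces that. The derivation settings shown here are only `key_iterations: 1000` with `key_digest: :sha`, so a short or low-entropy secret would leave the derived keys weak. I would add a comment above the salts such as `# Salts are fixed, non-secret labels matching the Rails defaults; all secrecy comes from secret_key_base, which must be long and random.` A boot-time check that rejects a short secret_key_base would also help, placed wherever that value is configured (not visible here; the enclosing plug call starts and ends outside the hunk). Deployments that previously set SESSION_SIGNING_SALT or SESSION_ENCRYPTION_SALT will now have those variables silently ignored and existing sessions invalidated, which deserves a line in the upgrade notes.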