forked from OpenNeo/impress
Matchu
b756ae023e
Oh right, we intentionally fail if there's no SECRET_TOKEN provided, but that's not really useful for development! Here, we add a SECRET_TOKEN only used in development - which doesn't need to be secret, because it doesn't guard actual user sessions! In production, the behavior is unchanged. |
||
---|---|---|
.. | ||
application_controller_renderer.rb | ||
asset_hosts.rb | ||
assets.rb | ||
attack.rb | ||
backtrace_silencers.rb | ||
content_security_policy.rb | ||
cookies_serializer.rb | ||
devise.rb | ||
filter_parameter_logging.rb | ||
inflections.rb | ||
locale_meta.rb | ||
mime_types.rb | ||
neopia.rb | ||
permissions_policy.rb | ||
rspec_generator.rb | ||
secret_token.rb | ||
session_store.rb | ||
stripe.rb | ||
wrap_parameters.rb |