config: flip config.action_dispatch.use_cookies_with_metadata

This makes cookies more secure, by adding an automatic "purpose" field to each cookie. Cookies generated by Rails 5 are still forward-compatible. However from now on the generated cookies will not be backward-compatible with Rails 6.
2020-07-13 17:30:07 +02:00 · 2020-07-13 17:30:07 +02:00 · 8427f0eb75
commit 8427f0eb75
parent e8fa65f79d
1 changed files with 1 additions and 1 deletions
--- a/config/initializers/new_framework_defaults_6_0.rb
+++ b/config/initializers/new_framework_defaults_6_0.rb
@ -14,7 +14,7 @@ Rails.application.config.action_view.default_enforce_utf8 = false
 #
 # This option is not backwards compatible with earlier Rails versions.
 # It's best enabled when your entire app is migrated and stable on 6.0.
-# Rails.application.config.action_dispatch.use_cookies_with_metadata = true
+Rails.application.config.action_dispatch.use_cookies_with_metadata = true

 # Change the return value of `ActionDispatch::Response#content_type` to Content-Type header without modification.
 # Rails.application.config.action_dispatch.return_only_media_type_on_content_type = false