Mark CORS responses as uncacheable

[rails.git] / config / initializers / session_store.rb

diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 77fd39092240465a623244003e8f722f702588b3..aa90714049818f297915f7a1853aa4335b81626f 100644 (file)
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,17 +1,9 @@
 # Be sure to restart your server when you modify this file.
 
-# Your secret key for verifying cookie session data integrity.
-# If you change this key, all old sessions will become invalid!
-# Make sure the secret is at least 30 characters and all random, 
-# no regular words or you'll be exposed to dictionary attacks.
-ActionController::Base.session = {
-  :key         => '_osm_session',
-  :secret      => 'd886369b1e709c61d1f9fcb07384a2b96373c83c01bfc98c6611a9fe2b6d0b14215bb360a0154265cccadde5489513f2f9b8d9e7b384a11924f772d2872c2a1f'
-}
+if defined?(MEMCACHE_SERVERS)
+  cache = MemCache.new(:namespace => "rails:session", :string_return_types => true)
 
-# Use the database for sessions instead of the cookie-based default,
-# which shouldn't be used to store highly confidential information
-# (create the session table with "rake db:sessions:create")
-unless STATUS == :database_offline or STATUS == :database_readonly
-  ActionController::Base.session_store = :sql_session_store
+  OpenStreetMap::Application.config.session_store :mem_cache_store, :cache => cache, :key => "_osm_session"
+else
+  OpenStreetMap::Application.config.session_store :cache_store, :key => '_osm_session'
 end