Tagged: sessions

secret given to the #protect_from_forgery call

My code was running fine under Rails 2.0.2. Then I enabled the db based session store by uncommenting this:

 config.action_controller.session_store = :active_record_store 
in environment.rb.

Anything that used the session after that gave me this error:

 No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store). 

If you have the same problem. Go to application.rb and uncomment the secret then restart.

All better.

Continue Reading →