From c9c42de866fd0a3d9f777f44301eecc329b2b9f3 Mon Sep 17 00:00:00 2001 From: Jason Lee Date: Wed, 26 Oct 2016 18:05:47 +0800 Subject: [PATCH] Update readme --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2e6db2c..db349d6 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,8 @@ brew install imagemagick ghostscript **Security Notice!** -You need change your application Session store from `CookieStore` (Rails default) to backend store location. +You need change your application Session store from `CookieStore` (Rails default) to backend store location +for avoid [Session Replay Attacks](http://guides.rubyonrails.org/security.html#replay-attacks-for-cookiestore-sessions) security issue. - [:active_session_store](https://github.com/rails/activerecord-session_store) - [:memcached_store](http://api.rubyonrails.org/classes/ActionDispatch/Session/MemCacheStore.html)