I tried using gem rack protection, I followed the usage guide to configure the config.ru file. when I try to start the application again, I got this ERROR " you need to configure middleware for the session before Rack :: Protection :: SessionHijacking ".
# config.ru require 'rack/protection' use Rack::Protection run MyApp
Take the code from the answer:
module YouApp class Application < Rails::Application config.middleware.use Rack::Protection::SessionHijacking
I put this in my .rb application and still get an internal service error message , you need to configure the session middleware before Rack :: Protection :: SessionHijacking
The following is the output of rake middleware:
use Rack::MiniProfiler use ActionDispatch::Static use Rack::Lock use #<ActiveSupport::Cache::Strategy::LocalCache::Middleware:0x007f9482a28910> use Rack::Runtime use Rack::MethodOverride use ActionDispatch::RequestId use Rails::Rack::Logger use ActionDispatch::ShowExceptions use ActionDispatch::DebugExceptions use ActionDispatch::RemoteIp use ActionDispatch::Reloader use ActionDispatch::Callbacks use ActiveRecord::ConnectionAdapters::ConnectionManagement use ActiveRecord::QueryCache use ActionDispatch::Cookies use ActiveRecord::SessionStore use ActionDispatch::Flash use ActionDispatch::ParamsParser use ActionDispatch::Head use Rack::ConditionalGet use Rack::ETag use ActionDispatch::BestStandardsSupport use Warden::Manager use Rack::Protection::SessionHijacking use MetaRequest::Middlewares::MetaRequestHandler use MetaRequest::Middlewares::Headers use MetaRequest::Middlewares::AppRequestHandler use OmniAuth::Strategies::Twitter use OmniAuth::Strategies::Facebook run Myapp::Application.routes
Appreciate who can help and thank you for your time.
source share