diff options
Diffstat (limited to 'lib/cgi')
| -rw-r--r-- | lib/cgi/session.rb | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/lib/cgi/session.rb b/lib/cgi/session.rb index d2a1be4aab..7539be37c3 100644 --- a/lib/cgi/session.rb +++ b/lib/cgi/session.rb @@ -174,16 +174,22 @@ class CGI # is used internally for automatically generated # session ids. def create_new_id - require 'digest/md5' - md5 = Digest::MD5::new - now = Time::now - md5.update(now.to_s) - md5.update(String(now.usec)) - md5.update(String(rand(0))) - md5.update(String($$)) - md5.update('foobar') + require 'secrand' + begin + session_id = SecRand.hex(16) + rescue NotImplementedError + require 'digest/md5' + md5 = Digest::MD5::new + now = Time::now + md5.update(now.to_s) + md5.update(String(now.usec)) + md5.update(String(rand(0))) + md5.update(String($$)) + md5.update('foobar') + session_id = md5.hexdigest[0,16] + end @new_session = true - md5.hexdigest[0,16] + session_id end private :create_new_id |