Merge pull request #2549 from joaomilho/master

Using urlsafe_base64 cause it already handle url sensitive chars, keepin...
2026-01-11 07:48:13 -05:00 · 2013-08-08 13:38:05 -07:00
parent d0219d914f 4048545151
commit 20cf73facf
1 changed files with 1 additions and 1 deletions
--- a/lib/devise.rb
+++ b/lib/devise.rb
@@ -458,7 +458,7 @@ module Devise

  # Generate a friendly string randomly to be used as token.
  def self.friendly_token
-    SecureRandom.base64(15).tr('+/=lIO0', 'pqrsxyz')
+    SecureRandom.urlsafe_base64(15).tr('lIO0', 'sxyz')
  end

  # constant-time comparison algorithm to prevent timing attacks