Thursday, January 10, 2013

[Rails] Re: CSRF resets my session in Firefox

After a couple days of debugging, I found out it was race conditions and
totally unrelated to the CSRF... Turned out that CSRF was just a red
herring. When the page was kicked off, there were a few asynchronous
requests going on that were resetting the cookie. So for example, request
A gets kicked off (that sets the shopper_id stuff) and request B gets
kicked off at the same time (doesn't return the shopper_id), then
request A finishes and sets the cookie (which has the shopper_id), but
then request B comes back and overwrites that cookie thinking it was the
original cookie.

Very confusing and hard to track down, but my coworker and I managed to
figure it out.

Thanks all!
- Jeff

--
Posted via http://www.ruby-forum.com/.
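
A minimal model of the race described in the message above, added here as an illustration and not code from the original post. The `handle` and `simulate` helpers, the JSON cookie encoding and the `always_write` switch are assumptions for the demo, not Rails APIs.

```ruby
require "json"

# Server side (constructed model): the whole session lives in the cookie.
# Decode it from the request, run the action, and return the Set-Cookie
# value, which is the full re-serialised session, or nil for no Set-Cookie.
def handle(request_cookie, always_write:)
  session = JSON.parse(request_cookie)
  before = session.dup
  yield session
  # Assumed mitigation: an action that did not change the session sends no cookie.
  return nil if !always_write && session == before
  JSON.generate(session)
end

# Browser side: requests A and B leave with the same cookie snapshot.
# Responses are applied in arrival order, and every Set-Cookie replaces
# the stored cookie wholesale (last writer wins).
def simulate(always_write:)
  jar = JSON.generate("cart" => [])   # constructed starting session
  snapshot = jar                      # A and B are sent at the same time

  # Request A sets shopper_id; request B only reads the session.
  resp_a = handle(snapshot, always_write: always_write) { |s| s["shopper_id"] = 42 }
  resp_b = handle(snapshot, always_write: always_write) { |s| s["cart"].size }

  # A's response arrives first, B's arrives last.
  [resp_a, resp_b].each { |set_cookie| jar = set_cookie if set_cookie }
  JSON.parse(jar)
end

if __FILE__ == $PROGRAM_NAME
  puts "always write:    #{simulate(always_write: true)}"   # shopper_id is lost
  puts "write on change: #{simulate(always_write: false)}"  # shopper_id survives
end
```

Skipping the write for read-only requests covers only this one-writer case: two concurrent requests that both change the session still overwrite each other, which is why a server-side session store keyed by a stable session id is the more general fix.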
