[Rails] Re: Persisting Session Data When Cookies Are Disabled

On Friday, December 6, 2013 3:36:28 AM UTC, Fred Guest wrote:

is this possible? i'm serving a rails app into an iframe and i'm testing in chrome with "block third-party cookies" selected because it's not safe to assume that third-party cookies won't be blocked. iframes are treated as third parties so i need the app to function independently of cookies. i've done a boatload of googling an fiddling already, and it seems that even if you change ".config.session_store :cookie_store" to active_record_store or mem_cache_store (plus the additional configuration/gems those entail), the persistence of session data is STILL dependent on the availability of cookies, which is kind of a fake out with regards to the name of that config.

Yes - a cookie is used to record  which database row / memcache key to use. The name of the store implies where the actual session data is stored.

at this point i have resorted to running memcached putting this:

  def write(k,v)

    Rails.cache.write(request.remote_ip.gsub('.', '')+k,v)

  end

  def read(k)

    Rails.cache.read(request.remote_ip.gsub('.', '')+k)

  end

in my application_controller and using it as i would "session[:foo] = bar" or "session[:foo]". it works, but i don't feel great about it due to the nature of IP addresses. is there a better way to accomplish this?

 

Is it an option for you to pass a session id in the url? Unideal too, but perhaps less unideal than what you currently have. I think this used to be something rails supported, but I seem to remember it getting removed, so you might have to hack that back in.

Fred

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/93f96b61-1dd1-459c-be7f-b55dd4aaf534%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.