Fair enough. I think of the CookieStore as more of a "Client-side" session store, but I can see the other perspective and why it might be more correct. I had the "other token" idea, too, but didn't like it. I like the idea that everything is marching through the same authentication path.
Anyway, thanks for the quick response. Sujal On Jan 20, 2008, at 5:21 PM, Michael Koziarski wrote: > >> What is the behavior of CookieStore when :cookie_only=>false? >> >> If this seems broken, I'll submit a ticket and my patches. Or, if I >> missed something, please let me know. :-) > > The cookie store can't work with cookies disabled, which is what > cookie_only=>false is meant to support. I understand that there's a > limitation in flash's multi-part posts which needs the session id in > the url. > > You'll have to use another session store, or not use the session in > your upload method, perhaps storing another token of some sort in the > URL? > > > -- > Cheers > > Koz > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---
