thanks my friend, Freds gotta stick together. yes it seems Rails does not
want session ids in urls at
all http://guides.rubyonrails.org/action_controller_overview.html#session
the other option is to pass around resource ids in urls, it just gets
messy. this feels like something a framework should provide a default
solution for but i guess not.
On Friday, December 6, 2013 6:34:31 AM UTC-5, Frederick Cheung wrote:
>
>
>
> On Friday, December 6, 2013 3:36:28 AM UTC, Fred Guest wrote:
>>
>> is this possible? i'm serving a rails app into an iframe and i'm testing
>> in chrome with "block third-party cookies" selected because it's not safe
>> to assume that third-party cookies won't be blocked. iframes are treated as
>> third parties so i need the app to function independently of cookies. i've
>> done a boatload of googling an fiddling already, and it seems that even if
>> you change ".config.session_store :cookie_store" to active_record_store or
>> mem_cache_store (plus the additional configuration/gems those entail), the
>> persistence of session data is STILL dependent on the availability of
>> cookies, which is kind of a fake out with regards to the name of that
>> config.
>>
>
> Yes - a cookie is used to record which database row / memcache key to
> use. The name of the store implies where the actual session data is stored.
>
>>
>> at this point i have resorted to running memcached putting this:
>>
>> * def write(k,v)*
>> Rails.cache.write(request.remote_ip.gsub('.', '')+k,v)
>> * end*
>>
>> * def read(k)*
>> Rails.cache.read(request.remote_ip.gsub('.', '')+k)
>> * end*
>>
>> in my application_controller and using it as i would "session[:foo] =
>> bar" or "session[:foo]". it works, but i don't feel great about it due to
>> the nature of IP addresses. is there a better way to accomplish this?
>>
>>
> Is it an option for you to pass a session id in the url? Unideal too, but
> perhaps less unideal than what you currently have. I think this used to be
> something rails supported, but I seem to remember it getting removed, so
> you might have to hack that back in.
>
> Fred
>
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/rubyonrails-talk/1383e79b-6683-4cae-b7ba-bd246d11205b%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
