On 6 February 2011 08:27, Robert Pankowecki (rupert) <[email protected]> wrote: > On Feb 6, 12:47 am, ivanpoval <[email protected]> wrote: >> Maybe there is no need to delete the keys on the session if those have >> nil as value. Probably rails doesn't pass them into the cookie anyway. >> But I would do an experiment to make sure. > > Session Hash storage is usually a database/files/memcached, not > cookies.
I thought that the default was to use cookies for session store. In which case storage will definitely usually be cookies as most users will just use the default. Colin > The reason for that is that you cannot trust cookies. Unless > you put something into the cookie, Rails app will only store a > sessions_id that is used by Rails framework to find session hash. In > another words. Always use session to store important data. Use cookies > to store unimportant things if you want them to last longer then the > session. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
