On 23 May 2011 10:15, Emeka <[email protected]> wrote: > However, I am using the so-called cookieStore. > session[:user_id] = user.id > Will this be saved at the client? Will the client see the user.id? > > What is saved at the client? And how is the server relates to that?
These questions are all answered in the first few paragraphs of the 'Session' section of 'Action Controller Overview' guide: http://guides.rubyonrails.org/action_controller_overview.html#session and there is more detail along with security recommendations in the Security Guide: http://guides.rubyonrails.org/security.html#sessions Chris -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
