Thanks you all, I have repented. I am a new being now =)
On Thu, May 26, 2011 at 4:52 PM, Alpha Blue <[email protected]> wrote:
> There's absolutely no reason that I can think of for you to store
> sessions in the database. As was stated previously, you shouldn't store
> any personal data in the session. Don't be afraid to use cookies! When
> implemented properly, you should have nothing to fear.
>
> Here's an example you can do with your session_store.rb file. I even
> added a gist so you can see the formatting better.
>
> /config/session_store.rb
>
> Yourapp::Application.config.session_store :cookie_store
>
> Yourapp::Application.config.session = {
> :key => '_yourapp_session', # name of cookie that
> stores the data
> :domain => nil, # you can share between
> subdomains here: '.subdomain.com'
> :expire_after => 1.month, # expire cookie
> :secure => false, # for https its true
> :httponly => true, # a measure against XSS
> attacks, prevent client side scripts from accessing the cookie
>
> :secret => 'YOUR SECRET GOES HERE' # RUN RAKE SECRET to
> generate secret
> }
>
> You can read it better by going to this gist:
>
> https://gist.github.com/993390
>
> Hope that helps.
>
> --
> Posted via http://www.ruby-forum.com/.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ruby on Rails: Talk" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/rubyonrails-talk?hl=en.
>
>
--
*Satajanus Nig. Ltd
*
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
