Setting cookies in service overloader thingo
I'm implementing a simpler version of the Cookie Session Store in Rails 2.0. If you know what that is, skip the next paragraph. A cookie session store stores the session data inside cookies, on the client, and signs them using a secret string, hashed together. The user can decode the cookie easily if they know much about computers and see what's inside, but they can't alter it because they can't generate the needed hash to sign it, and the server will ignore all cookie session data that isn't signed right. It's neat, you don't need a database, no file system clutter, and I think it feels really just a lot more natural this way. Trouble is, I'm trying to make it work as a drop in replacement for the camping sessions mixin so people can 'upgrade' in either direction easily, consider this code however... def service(*a) if @cookies.identity blob, secure_hash = @cookies.identity.to_s.split(':') blob = Base64.decode64(blob) data = Marshal.restore(blob) data = {} unless secure_blob_hasher(blob) == secure_hash else blob = '' data = {} end app = self.class.name.gsub(/^(\w+)::.+$/, '\1') @state = (data[app] ||= Camping::H[]) hash_before = blob.hash return super(*a) ensure if data data[app] = @state blob = Marshal.dump(data) unless hash_before == blob.hash secure_hash = secure_blob_hasher(blob) @cookies.identity = Base64.encode64(blob).strip + ':' + secure_hash end end end and there's quite a problem, check out that line, return super(*a), and look at the camping source, and soon enough one realises the reason this doesn't work at all is that the code inside the super is the code converting @cookies in to the Set-Cookie http header, so it's too late to set a cookie by the time the ensure block runs and tries to save the session. What should I do? It feels dirty to copy code out of camping.rb that serializes the cookies, in effect making it do that job twice every time the session data and any other cookie data changes (which wouldn't be a big deal for my app, but still seems nasty). Anyone got a better idea? — Jenna “Where's my oats” Fox___ Camping-list mailing list Camping-list@rubyforge.org http://rubyforge.org/mailman/listinfo/camping-list
Re: Camping-Omnibus Doesn't Work With Ruby v1.8.6
Ok noted, it should probably be fixed once camping is released on rubyforge 2008/5/10 Trevor Johns [EMAIL PROTECTED]: I've noticed that the copy of Mongrel installed by the camping-omnibus gem doesn't work with Ruby 1.8.6. Or to be more specific, cgi_multipart_eof_fix (which Mongrel is dependent upon) doesn't work: $ sudo gem install mongrel --source http://code.whytheluckystiff.net ERROR: Error installing mongrel: cgi_multipart_eof_fix requires Ruby version = 1.8.5 It looks like the copy of Mongrel mirrored on code.whytheluckystiff.net is v1.0.1. The latest public release is v1.1.4. Working around this is easy (just download the component parts individually from gems.rubyforge.org), but it might scare away some newbies who are following the directions on the wiki. Time to update the Gems hosted on code.whytheluckystiff.net? On a related note, how come camping-omnibus doesn't exist on gems.rubyforge.org? -- Trevor Johns http://tjohns.net ___ Camping-list mailing list Camping-list@rubyforge.org http://rubyforge.org/mailman/listinfo/camping-list ___ Camping-list mailing list Camping-list@rubyforge.org http://rubyforge.org/mailman/listinfo/camping-list
Re: Setting cookies in service overloader thingo
Nice catch, cookies support never really felt complete to me. Maybe we should put it in a different module ? Cheers, zimbatm ___ Camping-list mailing list Camping-list@rubyforge.org http://rubyforge.org/mailman/listinfo/camping-list
Re: Setting cookies in service overloader thingo
I haven't read through all of camping yet, I only started playing with it seriously a few days ago, so I don't know where might be a better place for it. Maybe whatever it is which calls service could do the cookies. it would be nice if there was a way to set cookies long term too, though it isn't really important and for my app, the only place I'd be using it is to duplicate the form filling out functionality for my openid login box that all modern browser's already provide. It is really refreshing for cookies to be so simple. I have very mixed feelings about making them 'complete'. If more complete cookie support were added, that would surely include the setting of expiry, this opens up another big change in that many apps set the same cookie over and over even though nothing has changed because they want the expiry to always be, for example, one week after the last page the user loaded. The framework currently doesn't make allowances for setting the same cookie over and over when no data has changed either. Maybe it's best to stick with simple cookie support. If people really need much more I don't feel it unfair for them to need to hack it in themselves or move up to rails and the likes. — Jenna ”Where's my equestrian hat?” Fox On 18/05/2008, at 2:41 AM, zimbatm wrote: Nice catch, cookies support never really felt complete to me. Maybe we should put it in a different module ? Cheers, zimbatm ___ Camping-list mailing list Camping-list@rubyforge.org http://rubyforge.org/mailman/listinfo/camping-list ___ Camping-list mailing list Camping-list@rubyforge.org http://rubyforge.org/mailman/listinfo/camping-list
Re: Camping-Omnibus Doesn't Work With Ruby v1.8.6
Yeah, and because ruby 1.8.6 comes with Mac OS X Leopard, that's probably scaring plenty of people (me included!) — Jenna “The Omnibus” Fox On 18/05/2008, at 2:40 AM, zimbatm wrote: Ok noted, it should probably be fixed once camping is released on rubyforge 2008/5/10 Trevor Johns [EMAIL PROTECTED]: I've noticed that the copy of Mongrel installed by the camping- omnibus gem doesn't work with Ruby 1.8.6. Or to be more specific, cgi_multipart_eof_fix (which Mongrel is dependent upon) doesn't work: $ sudo gem install mongrel --source http://code.whytheluckystiff.net ERROR: Error installing mongrel: cgi_multipart_eof_fix requires Ruby version = 1.8.5 It looks like the copy of Mongrel mirrored on code.whytheluckystiff.net is v1.0.1. The latest public release is v1.1.4. Working around this is easy (just download the component parts individually from gems.rubyforge.org), but it might scare away some newbies who are following the directions on the wiki. Time to update the Gems hosted on code.whytheluckystiff.net? On a related note, how come camping-omnibus doesn't exist on gems.rubyforge.org? -- Trevor Johns http://tjohns.net ___ Camping-list mailing list Camping-list@rubyforge.org http://rubyforge.org/mailman/listinfo/camping-list ___ Camping-list mailing list Camping-list@rubyforge.org http://rubyforge.org/mailman/listinfo/camping-list ___ Camping-list mailing list Camping-list@rubyforge.org http://rubyforge.org/mailman/listinfo/camping-list