"As far as i'm concerned, any app that's keeping secrets from me about
me is not the kind of app I want to be using anyway."
I feel like I just read this exact line somewhere else in the last few days...
-- Eric
On Sun, May 25, 2008 at 2:02 AM, Bluebie, Jenna
<[EMAIL PROTECTED]> wrote:
> I forgo
I forgot to mention though, the signing just stops users from changing
the session data without the server knowing, it doesn't stop them from
reading it. Any data in the session when using the cookie sessions
store only needs to be base64 decoded and unmarshaled with ruby to
find out what's
No, that isn't a problem. The cookie contains a marshaled string of
the @store variable, but it also has after it a ':' and then an SHA256
hash of the marshaled string combined with a secret value the user
needs to set in their controller with something like:
@@state_secret = "secret thingy
On Sun, May 25, 2008 at 12:25:08AM +0200, Magnus Holm wrote:
> * The cookie session is named Camping::Session and is placed in
> camping/session.rb. Maybe this should be called Camping::CookieSession or???
You know, these cookie sessions seem like they could be a problem.
A lot of sessions would c
On Sun, May 25, 2008 at 12:25:08AM +0200, Magnus Holm wrote:
> I've just sent a pull-request to _why with my changes[1] and here is some
> things that I think needs to be done before a (possible) release:
It's been merged, great work, Magnus. I'm not quite to the point of
addressing all of your q
I've just sent a pull-request to _why with my changes[1] and here is some
things that I think needs to be done before a (possible) release:
* The cookie session is named Camping::Session and is placed in
camping/session.rb. Maybe this should be called Camping::CookieSession or???
* The ActiveReco
If you can point to areas to document or changes you are making that
need documentation, I'd be happy to write it for you.
--Jeremy
On Sat, May 24, 2008 at 12:51 PM, Magnus Holm <[EMAIL PROTECTED]> wrote:
> I don't want to be the leader. I just want to contribute to one of the
> sweetest
> frame
I don't want to be the leader. I just want to contribute to one of the sweetest
framework that exists in the Rubyverse!
I'm going to contribute with what I can, and I suck at writing documentation and
I have no intention to learn RDoc (ATM, maybe another day).
(I still think that _why is the true
8 matches
Mail list logo
