Ruby on Rails
Monday, December 31, 2012
I just said what you need. chain the url_for method to add session id to the parameters, and read the session id in your application controller, look it up in your session store, active record or memcache, then load whatever information you want from the database.
--
Dheeraj Kumar
On Monday 31 December 2012 at 1:44 PM, Rajarshi wrote:
you can send encrypted session id for thatyour url should be like /users?session_id='dasdadasdas2313124213213_session_application" with encrypted session idnow after getting request you have to decrypt the sessionuse base64 for it--On Mon, Dec 31, 2012 at 1:15 PM, Rajesh KT <lists@ruby-forum.com> wrote:Dheeraj Kumar wrote in post #1090690:
> It's not secure, session spoofing is a serious issue. I would encouragePlease suggest which route to follow, in order to make application work
> not going that route.
>
> It can be done in rails, needs a bit of work but sure. Ideally, you'll
> alias_method_chain url_for and read the session in a parent controller,
> like ApplicationController and initialize your current user and any
> other session information from that.
>
> --
> Dheeraj Kumar
even though cookies are disabled in the browser.
Thanks in advance for any help in this line.
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment