Dheeraj Kumar wrote in post #1090702:
> Instead of adding a session parameter to every url_for call, alias
> method chain it. any url helper calls url_for anyway, so you're good.
>
> Make sure the encryption is good with the session id, and don't use weak
> ones like base64, they make session spoofing so much easier.
>
> --
> Dheeraj Kumar
Are you referring this way:
http://brantinteractive.com/2008/05/13/cookieless-sessions-in-rails/
When I try below code in my application controller, it gives an error
saying - undefined method `session_id' for
#<ActionDispatch::Session::AbstractStore::SessionHash:0x13423c80>
def default_url_options(options)
# set a cookie if it's nil
cookies[:_session_id] ||= { :value => 'true', :expires =>
10.seconds.from_now }
{ :_session_id => (request.xhr? ? params[:_session_id] :
session.session_id) } unless cookies[:_session_id]
end
Am I missing something here?
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
No comments:
Post a Comment