Hi, I noticed that there is a cookie set by my rails scaffold that contains a 32 character hash code in it, but when I tried to change its value using Cookies[:_session_id], nothing happened, it stays the same! How am I supposed to change the session_id? Thanks. -- Posted via http://www.ruby-forum.com/.
Woei Shyang wrote:> Hi, > > I noticed that there is a cookie set by my rails scaffold that contains > a 32 character hash code in it, but when I tried to change its value > using Cookies[:_session_id], nothing happened, it stays the same! > > How am I supposed to change the session_id? > > Thanks.I''ve noticed this too :/ What is it you want to achieve? I spent a lot of time trying to wrap sessions in a separate permanent cookie because I had gotten the impression that there was no way of having Rails make the session cookie itself permanent. However, I eventually found that Rails _can_ do this: http://wiki.rubyonrails.com/rails/pages/HowtoChangeSessionOptions ("changing session duration"). -- Posted via http://www.ruby-forum.com/.
Woei Shyang
2006-Jan-16 23:53 UTC
[Rails] Re: Why can''t I changed the _session_id cookie?
Henrik wrote:> I''ve noticed this too :/ > > What is it you want to achieve? I spent a lot of time trying to wrap > sessions in a separate permanent cookie because I had gotten the > impression that there was no way of having Rails make the session cookie > itself permanent. However, I eventually found that Rails _can_ do this: > http://wiki.rubyonrails.com/rails/pages/HowtoChangeSessionOptions > ("changing session duration").What I was trying to do is to have each login generate a new session, because strictly speaking, if someone "steals" the cookie from a logged in browser and copies it elsewhere, he may be able to gain access to priviledged information too. Not too sure how that''d pan out :| -- Posted via http://www.ruby-forum.com/.