Hello All, I would need someone to explain to me how Rails session works? I need all the options available and tricks (if any). Regards, Emeka -- * * -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
It''s pretty tough to answer such a vague question. What about the Guide didn''t help you? http://guides.rubyonrails.org/security.html On May 22, 2011, at 11:21 PM, Emeka wrote:> > Hello All, > > I would need someone to explain to me how Rails session works? I need all the options available and tricks (if any). > > > Regards, > Emeka > -- > > > > > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Hello Jim, Thanks for that link. However, I would want to know how it is accomplished? is it cookie based? And which algorithm is used to generate the random object? Emeka On Mon, May 23, 2011 at 7:42 AM, Jim Tobin <tobinj-ee4meeAH724@public.gmane.org> wrote:> It''s pretty tough to answer such a vague question. What about the Guide > didn''t help you? http://guides.rubyonrails.org/security.html > > On May 22, 2011, at 11:21 PM, Emeka wrote: > > > Hello All, > > I would need someone to explain to me how Rails session works? I need all > the options available and tricks (if any). > > > Regards, > Emeka > -- > * > > > * > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to > rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. > > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to > rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. >-- *Satajanus Nig. Ltd * -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On 23 May 2011, at 09:16, Emeka wrote:> Thanks for that link. However, I would want to know how it is > accomplished? is it cookie based? And which algorithm is used to > generate the random object?Yes, a session is cookie-based. If you want to find out every single little detail, just read the Rails codebase. That''s the great thing about opensource, isn''t it? Best regards Peter De Berdt -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Thanks so much. However, I am using the so-called cookieStore. session[:user_id] = user.id Will this be saved at the client? Will the client see the user.id? What is saved at the client? And how is the server relates to that? Emeka On Mon, May 23, 2011 at 9:03 AM, Peter De Berdt <peter.de.berdt-LPO8gxj9N8aZIoH1IeqzKA@public.gmane.org>wrote:> > On 23 May 2011, at 09:16, Emeka wrote: > > Thanks for that link. However, I would want to know how it is accomplished? > is it cookie based? And which algorithm is used to generate the random > object? > > > Yes, a session is cookie-based. > > If you want to find out every single little detail, just read the Rails > codebase. That''s the great thing about opensource, isn''t it? > > > Best regards > > > Peter De Berdt > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to > rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. >-- *Satajanus Nig. Ltd * -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
On 23 May 2011 10:15, Emeka <emekamicro-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> However, I am using the so-called cookieStore. > session[:user_id] = user.id > Will this be saved at the client? Will the client see the user.id? > > What is saved at the client? And how is the server relates to that?These questions are all answered in the first few paragraphs of the ''Session'' section of ''Action Controller Overview'' guide: http://guides.rubyonrails.org/action_controller_overview.html#session and there is more detail along with security recommendations in the Security Guide: http://guides.rubyonrails.org/security.html#sessions Chris -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Thanks you all. Emeka On Mon, May 23, 2011 at 10:28 AM, Chris Mear <chrismear-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> On 23 May 2011 10:15, Emeka <emekamicro-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > However, I am using the so-called cookieStore. > > session[:user_id] = user.id > > Will this be saved at the client? Will the client see the user.id? > > > > What is saved at the client? And how is the server relates to that? > > These questions are all answered in the first few paragraphs of the > ''Session'' section of ''Action Controller Overview'' guide: > > http://guides.rubyonrails.org/action_controller_overview.html#session > > and there is more detail along with security recommendations in the > Security Guide: > > http://guides.rubyonrails.org/security.html#sessions > > Chris > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to > rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > For more options, visit this group at > http://groups.google.com/group/rubyonrails-talk?hl=en. > >-- *Satajanus Nig. Ltd * -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.