similar to: how to check the config.action_controller.session options ?

This might be a solved issue, so I thought I''d ask. I''m trying to use SWFUpload with the cookiestore. I''m passing in the session_id variable through a POST parameter in the upload. I''ve verified that Flash is sending the POST params (Flash 9). I thought simply by setting cookie_only to false for that method, I would be able to get that to work.

Recently, I got this security vulnerability on my app: Ruby on Rails Multiple Method Session Fixation Synopsis : The remote web server is affected by a session fixation vulnerability. Description : The web server on the remote host appears to be a version of Ruby on Rails that supports URL-based sessions. An unauthenticated remote attacker may be able to

Hi all, Apologies in advance if I got this one wrong, I''m still just a newbie ;-) Going through the Apple ADC RoR tutorial it suddenly occurred to me that the ''number_to_currency()'' helper method was not DRY streamlined. Scenario:: The "number_to_currency()" methods options hash works great when I need to dynamically display different currencies when I

What I want to do is share the same session across many Rails applications. All of them are using Rails 2.2.2. I know that, to share the session, it''s (supposedly) just a matter of sharing the same key and secret among the apps, like this: config.action_controller.session = { :session_key => ''_apps_session'', :secret =>

The Agile book seems to say I should specify this as follows, probably in the environments.rb: ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager] = CGI::Session::ActiveRecordStore BUT the environments.rb file would have me Un-Comment this: config.action_controller.session_store = :active_record_store Anyway, I''ve tried both, and in both cases it

I am using the restful authentication plugin and am always prompted to login if a different subdomain is accessed. I have found a couple rails "solutions", but none of them seem to work: # development.rb 1. ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:session_key] = ".localhost" 2. ActionController::Base.session_options[:key] = ".localhost" Does anyone

We''re going to have problems keeping cookies across domains. We want people to shop in one domain (e.g. "booksareus.com") and then checkout on the same server securely under a different domain (e.g. "greatbooks.com"). When we make the jump to the secure domain (the checkout link) can we submit the user''s session ID along with it and have it

Hi all - I am trying to get rails to use memcache for sessions and fragment caching. I''d also like to use the same connection for general caching of this and that. I''m following the instructions here: http://wiki.rubyonrails.com/rails/pages/HowtoChangeSessionStore and hitting a brick wall. I''m using the new memcache-client since from what I''ve read

I''m trying to use Uploadify in my project. Everything works in my machine, locally. The problem is when I use the same code in my production environment. When I try to upload a photo, it returns an error "HTTP 401", but there are no errors in the log. Rails(2.3.5) Uploadify(2.1.0) Here is my FlashSessionCookieMiddleware where the problem with the Flash authentication shoud be

---------flash_session_cookie_middleware.rb require ''rack/utils'' class FlashSessionCookieMiddleware def initialize(app, session_key = ''_session_id'') @app = app @session_key = session_key end def call(env) if env[''HTTP_USER_AGENT''] =~ /^(Adobe|Shockwave) Flash/ req = Rack::Request.new(env) params =

Edge has a change in default behaviour where sessions are stored as cookies instead of in the file system. This was a pleasant surprise when I synced up, fired up my app, and nothing worked. Ah, life on the edge. I''m sure I''m just missing something, but I can''t get sessions to survive the first redirect. I added the following code to environment.rb, based on

Hey All, I''m trying to do a simple form_for (and I also get it with form_tag) and I''m getting the following error: ActionView::TemplateError (No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store).) on line #2 of users/new.fbml.erb: 1: <h1>Welcome To Courses, Let''s Get

Hi There, I was wondering what the appropriate way to use the applicationproperties.rb model was. I was hoping to query it to find out which users are developers for my app and then grant special permissions to them ... I tried creating something like this: class ApplicationProperties < ActiveRecord::Base def facebook_session @facebook_session ||= returning

You have a nil object when you didn''t expect it! You might have expected an instance of Array. The error occurred while evaluating nil.<< any ideas ? Application works fine with rails 2.1.0 Sandip -- Ruby on Rails Developer http://funonrails.wordpress.com www.joshsoftware.com http://brandpotion.com (Latest project released) --~--~---------~--~----~------------~-------~--~----~

To clarify the issue I posted earlier: I am on OS X 10.6.7. Trying to use Mechanize to log in to LinkedIn. As others have posted about in the past, when I submit the form it kicks me back to the LinkedIn landing page, and does not log me in. I read the earlier discussion of the issue that mentioned how cookie values were being improperly dequoted when stored. But I thought that issue was fixed.

I am trying to convert my codeand to use the new Rails 2.0 feature RequestForgeryProtection but I get an InvalidAuthenticityToken error, right from the beginning with my login form.. I followed the recommandations : in my environment.rb config.action_controller.session = { :session_key => ''myappname'', :secret =>

In routes.rb I''ve put: resources :sessions controller is: class SessionsController < ApplicationController def destroy session[:id] = nil session.delete(:casfilteruser) CASClient::Frameworks::Rails::Filter.logout(self) end end In application.html.erb I have: <%= link_to ''Logout'', session_path(session[:cas_user]), :method => :delete %> I

Hello, I''m having some difficulty with using sessions. Basically, I''d like to be able to store a hash in an action: def action session[:details] = {:value => some_hash, :session_path => "/main"} end I''d like to be able to retrieve the hash in another action under the same "main" controller. I retrieve it by doing the following: def

Hi, I put the following in my environment.rb file: ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS.update (:database_manager => CGI::Session::ActiveRecordStore) Runnning WEBrick via "script/server" and trying to load any page served by a controller results in an error like the following: #<ActiveRecord::StatementInvalid: ERROR: null value in column "id"

Hi, Has anybody produced diffs for openssh-2.3.0p1 for the rsa keyexchange problem that Core-SDI described ? ( I noticed that fix is already in openbsd tree ). -Jarno -- Jarno Huuskonen - System Administrator | Jarno.Huuskonen at uku.fi University of Kuopio - Computer Center | Work: +358 17 162822 PO BOX 1627, 70211 Kuopio, Finland | Mobile: +358 40 5388169