similar to: request.session_options[:id] accessiblity problem

I''m working on an ecommerce site (in Rails 2.3) and I added: ActionController::Base.session_options[:secure] = true to ~/config/environments/production.rb Now, every time I add something to my shopping cart and navigate away I get a new session_id (which essentially empties my shopping cart). How can I get the continuity of my sessions back, while still having the session_id get set

Hi, I am using thin web server in my rails project. But it gives stack level too deep error. Couldn''t find any appropriate solution to this. I have tried updating the ruby but didn''t help. Regards, Sumit -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to

Posted this on stack overflow earlier today here<http://stackoverflow.com/questions/13673969/rails-3-2-session-id-nil-until-next-request>, I really either don''t know what I''m doing, or I don''t understand how sessions are supposed to work! I''m connecting to rails from an Air app and communicating with JSON only. When the client sends a login request,

Hi, I made a contact manager app using rails. I added TokenInput plugin to introduce an instant contact search functionality in it. Tried following a railscast http://railscasts.com/episodes/258-token-fields but have been struggling with it for a while. Following is the code I use in my view <%= form_tag({:action => ''show'', :id => @contact_tokens}, :remote =>

I''m implementing simple "remember me" functionality for logging in users with Rails 2.3.4. I''m trying to set the session expiration date for some time in the future. After googling around a bit I found this post which seems to address my problem: http://squarewheel.pl/posts/3 My modifications to request.session_options are being ignored. According to this discussion (

I''m getting ready to put an app into production and I''ve found a strange issue that, as far as I know, shouldn''t be happening. To me this looks like it could be a bug, but I''m not sure and I''m hoping some one here can tell me if they''ve seen this before, or can idiot- check me in that hopefully it''s just something I''ve missed

Recently, I got this security vulnerability on my app: Ruby on Rails Multiple Method Session Fixation Synopsis : The remote web server is affected by a session fixation vulnerability. Description : The web server on the remote host appears to be a version of Ruby on Rails that supports URL-based sessions. An unauthenticated remote attacker may be able to

I''m trying to set the session cookie secure flag to true. I added the following to my environments/production.rb ActionController::Base.session_options[:secure] = true In the production mode I don''t see the set-cookie header in the server response (I''m using the Tamper Data Firefox tool to view the traffic). I tried removing all cookies, manually setting the domain

How do I display, in breakpointer for example, session.session_key or session.session_expires ?? The only one that works is session.session_id for some reason. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060517/d99e0837/attachment-0001.html

I have a Rails 2.3.2 application I am upgrading to Rails 3.2.1. I am using ActiveRecord::SessionStore connected to an Oracle database using the oracle_enhanced_adapter. On my first attempt (creating a new, default Rails 3 application copying in the application code, and fiddling with routes etc) I found that most things could be made to work, but that: request.session_options[:id] returns

Is there any way to change the output of rake spec fails? The errors are just totally over the top ugly and not helpful. First of all the ruby -Ilib line always comes before each test and I find it distracting. But if an error occurs on something that is not nil it just gives me the entire contents of that object and that is no small matter when the object is a HTTP request response. Here is

The new version of cached_model features bug fixes and tests! Bugs fixed: Updating a model no longer stores associations into the cache. This could cause strange, hard-to-debug bugs when an invalid set of assocations was retrieved along with a cached model. Reloading a model refreshes the cache. When CachedModel::find can''t understand query params and a single result is

Hi, I''m trying to use mem_cache_store for sessions. I have installed the server and the gem and have added the following to my config/environment.rb: >>>>>>>>>>>>>>>>>>>>>>>>> memcache_options = { :c_threshold => 10_000, :compression => true, :debug => false, :namespace =>

Rails 3.1.3 I have a model ''Airline'', whose STRING column is ''company'' only. Also, another model ''Plan'' has an INTEGER column ''airline_id''. I would like to show the ''company'' name (string) in a template like <% @plans.each do |plan| %> Airline: <%=

I''m upgrading my application from Rails 3.0 to Rails 3.2 (yeah, I know, what happened to 3.1?), and I''m experiencing a difference in the REST call when calling ActiveResource::create where the id is already defined. In 3.0, the app is sending a PUT. In 3.1 and above, is sending a POST. The PUT seemed to make sense to me since the id already exists. Is there any

Follow the code :- class Sample def bar p method(__method__).receiver # only `self` would do the trick. end end n1=Sample.new # => #<Sample:0x13bc648> n2=Sample.new # => #<Sample:0x13bc630> n1.bar # => #<Sample:0x13bc648> n2.bar # => #<Sample:0x13bc630> But this is my try. I am looking for any method is available in Ruby,into which say if I pas

When I use find_by_name method I get LIMIT 1 result. > SELECT "users".* FROM "users" WHERE "users"."age" = 25 LIMIT 1 But the "age" column is not unique in my table and its value may repeat. So I expect that an array of records where "age" is 25 will be returned. But AR limits the query by 1. How to avoid it? Or is it the default

I am running a Rails 4 app in semi-production and I constantly get exceptions from crawler bots that use a HEAD HTTP method, which causes the CSRF protection to kick in. Shouldn''t HEAD requests normally be handled like GET requests? I am not sure if I''m just being stupid or that hit is a bug somewhere. Michiel -- You received this message because you are subscribed to the

hi im reading through the topic above and trying to apply it to my app. as reference i found:http://leopard.in.ua/2012/07/08/using-cors-with-rails/ my prob is that i dont see the ''preflight'', meaning the first request prior the actual post, which should(?) deliver this: request.request_method==''OPTIONS'' the js code look like this: $.ajax ({ type:

Hi, We have our rails application running on AWS. we have two application servers and one database(postgres) server of C1.xlarge <http://aws.amazon.com/ec2/instance-types/> AWS instance type. Our passengermaxpoolsize is set to 30. And postgresql max connection limit is 100. Recently we found that when we got nearly 700 request per minute, our application created nearly crossed the