Share session between subdomains
Reported by Guillermo Álvarez | June 10th, 2010 @ 10:58 AM
Sessions cookies don't hace domain, so by default navigators use current HTTP_HOSTS.
If you want to share session between www.example.com and username.example.com you can't.
The next patch resolve this problem by adding a domain option in session_store initializar.
The syntax is:
<code class="ruby"> Rails.application.config.session_store <span class="symbol">:cookie_store</span>, <span class="symbol">:key</span> => <span class="string">'_app_session'</span>, <span class="symbol">:domain</span> => <span class="symbol">:all</span></code>
Comments and changes to this ticket
-
Guillermo Álvarez June 10th, 2010 @ 11:03 AM
Here is the patch.
-
Guillermo Álvarez June 10th, 2010 @ 11:25 AM
This patch is so simple, and just cover most of the cases i know, so for most complicated cases like 3th level domain, you must be explicit. For example:
If you want to share session between *.google.co.uk you do:
<code class="ruby"> Rails.application.config.session_store <span class="symbol">:cookie_store</span>, <span class="symbol">:key</span> => <span class="string">'_app_session'</span>, <span class="symbol">:domain</span> => <span class="string">".google.co.uk"</span></code>
永久性cookie
http://www.thoughtrails.com/episodes/36-signed-and-permanent-cookies-in-rails3
