Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Send session data instead of session store options. #289

Merged
merged 1 commit into from
Sep 15, 2015

Conversation

jondeandres
Copy link
Contributor

We are sending session options instead of session data. I really don't
know the reason cause anybody could be interested on this instead of
request session data.

Session options in a Rails application can be something like this:

Your::Application.config.session_store :cookie_store, {
  :key =>           '_session_id',
  :path =>          '/',
  :domain =>        nil,
  :expire_after =>  nil,
  :secure =>        false,
  :httponly =>      true,
  :cookie_only =>   true
}

Which is, in general, static, doesn't depend on the current request and
well, customers can always just see their configuration file.

I'd say the original intention was send session data.

This fix the serializing JSON problem we are having in some cases where there are socket objects
to Redis or other store backends in those session options.

@jondeandres
Copy link
Contributor Author

This, probably, doesn't fix completely the problem we are having serializing JSON in some scenarios but avoid it when is caused by session options structure.

We are sending session options instead of session data. I really don't
know the reason cause anybody could be interested on this instead of
request session data.

Session options in a Rails application can be something like this:

```ruby
Your::Application.config.session_store :cookie_store, {
  :key =>           '_session_id',
  :path =>          '/',
  :domain =>        nil,
  :expire_after =>  nil,
  :secure =>        false,
  :httponly =>      true,
  :cookie_only =>   true
}
```

Which is, in general, static, doesn't depend on the current request and
well, customers can always just see their configuration file.

I'd say the original intention was send session data.

This fix the serializing JSON problem we are having in some cases where there are socket objects
to Redis or other store backends in those session options.
@brianr
Copy link
Member

brianr commented Sep 14, 2015

lgtm

jondeandres added a commit that referenced this pull request Sep 15, 2015
Send session data instead of session store options.
@jondeandres jondeandres merged commit 4ef7656 into master Sep 15, 2015
@jondeandres jondeandres deleted the send-session-data branch September 15, 2015 10:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants