Hi, My application responds to a URL along the lines of http://myapp/xxxx where routes.rb determines that xxxx is not an action but an affiliate code from a referral from another site. The affiliate is validated and then the browser is redirected to the 'new' action.
def affiliate reset_session # we should not have any session data set if we reach here which we will have if we are testing! affiliate = params[:affiliate] # this is parsed by routes.rb if Affiliate.validate?(affiliate) session[:affiliate_name] = affiliate else log.info 'Invalid affiliate' end redirect_to :action => 'new' end when I try to access the session data in the 'new' action to pre- populate the object with the validated affiliate name, my session data is not there. All I have is _csrf_token which suggests that I never wrote the session in the affiliate action or didn't send the cookie on the redirect. The response I get is: http://myapp:3000/quote/new Completed in 120ms (DB: 2) | 302 Found [http://myapp/xxxx] Does a 302 not send a cookie back to the browser and therefore the 'new' action is the first action to use the session and just creates a new one? Alternatives? Well I can get it working by passing the affiliate as part of the url to the 'new' action but this then means the url looks messy, and it could be easily modified so I would have to revalidate the affiliate all over again. O. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---