On Tue, Aug 24, 2010 at 7:04 AM, gkaykck <gkay...@gmail.com> wrote:
> you should share some code here, there could be many reasons for that
>
Ok it's pretty simple.
In rails 2 app I have something like this.
Initializers session_store.rb
ActionController::Base.session_store = :cookie_store
ActionController::Base.session = {
:key => '_session_identifier',
:secret => secret
}
enviroment.rb
config.action_controller.session = {
:domain => '.domain.name'
}
In the rails 3 application I have this.
Rails.application.config.session_store :cookie_store, :key =>
'_session_identifier', :domain => ".domain.name"
Rails.application.config.secret_token = secret
Rails.application.config.cookie_secret = secret
in the rails3 app I set the variables like this
session['tim'] = 'This is a session variable'
cookies['tim'] = 'This is a cookie variable'
in the rails2 app
@tim = session['tim']
@cookie = cookies['tim']
The steps needed to crash the rails 2 app.
go to domain.name
cookies and session variables are set
go to subdomain name
cookie and session variable is read properly
go back to domain name, reload
go back to subdomain, reload
the applicaiton crashes
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to rubyonrails-t...@googlegroups.com.
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
