Rails 1.2升级至2.1(二)—— cookie_only
升级Rails到2.1要注意的事情太多,不知道为何2.1禁用了URL SESSION的功能,cookie_only的设置不起作用了。
查看action_controller/cgi_process.rb中的代码,已经没了根据cookie_only的设置的相关功能,如果需要打开这个功能,可以在config/initializers里面添加如下的patch:
module ActionController
class CgiRequest < AbstractRequest
def session
unless defined?(@session)
if @session_options == false
@session = Hash.new
else
stale_session_check! do
session_key = session_options_with_string_keys['session_key']
if cookie_only? && query_parameters[session_key]
raise SessionFixationAttempt
end
if !cookie_only? && @cgi.cookies[session_key].empty?
session_data = nil
if query_parameters[session_key]
session_data = [query_parametes[session_key]]
else
post_data = CGI.parse(body.read)
session_data = post_data[session_key]
end
@cgi.params[session_key] = session_data if session_data
end
case value = session_options_with_string_keys['new_session']
when true
@session = new_session
when false
begin
@session = CGI::Session.new(@cgi, session_options_with_string_keys)
# CGI::Session raises ArgumentError if 'new_session' == false
# and no session cookie or query param is present.
rescue ArgumentError
@session = Hash.new
end
when nil
@session = CGI::Session.new(@cgi, session_options_with_string_keys)
else
raise ArgumentError, "Invalid new_session option: #{value}"
end
@session['__valid_session']
end
end
end
@session
end
end
end
Previous post: Time.now.to_s(:db)
Next post: Rails 1.2升级至2.1(一)
No Responses To This Post So Far(Rss)