diff options
| author | Jeremy Kemper <jeremy@bitsweat.net> | 2007-02-21 09:17:38 +0000 |
|---|---|---|
| committer | Jeremy Kemper <jeremy@bitsweat.net> | 2007-02-21 09:17:38 +0000 |
| commit | f29857690fee7fa8350f79922e349669480c0329 (patch) | |
| tree | 68cb793cc38c9d288ce496b82d931f993b25e459 /actionpack/lib/action_controller/cgi_process.rb | |
| parent | 2afc01b7ce6283a3c5e62b92890be8cd77f9455f (diff) | |
| download | rails-f29857690fee7fa8350f79922e349669480c0329.tar.gz rails-f29857690fee7fa8350f79922e349669480c0329.tar.bz2 rails-f29857690fee7fa8350f79922e349669480c0329.zip | |
Introduce a cookie-based session store as the Rails default. Sessions typically contain at most a user_id and flash message; both fit within the 4K cookie size limit. A secure hash is included with the cookie to ensure data integrity (a user cannot alter his user_id without knowing the secret key included in the hash). If you have more than 4K of session data or don't want your data to be visible to the user, pick another session store. Cookie-based sessions are dramatically faster than the alternatives.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@6184 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack/lib/action_controller/cgi_process.rb')
| -rw-r--r-- | actionpack/lib/action_controller/cgi_process.rb | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/actionpack/lib/action_controller/cgi_process.rb b/actionpack/lib/action_controller/cgi_process.rb index aa4cba1066..5712abc701 100644 --- a/actionpack/lib/action_controller/cgi_process.rb +++ b/actionpack/lib/action_controller/cgi_process.rb @@ -2,6 +2,7 @@ require 'action_controller/cgi_ext/cgi_ext' require 'action_controller/cgi_ext/cookie_performance_fix' require 'action_controller/cgi_ext/raw_post_data_fix' require 'action_controller/cgi_ext/session_performance_fix' +require 'action_controller/session/cookie_store' module ActionController #:nodoc: class Base @@ -36,9 +37,9 @@ module ActionController #:nodoc: attr_accessor :cgi, :session_options DEFAULT_SESSION_OPTIONS = { - :database_manager => CGI::Session::PStore, - :prefix => "ruby_sess.", - :session_path => "/" + :database_manager => CGI::Session::CookieStore, # store data in cookie + :prefix => "ruby_sess.", # prefix session file names + :session_path => "/" # available to all paths in app } unless const_defined?(:DEFAULT_SESSION_OPTIONS) def initialize(cgi, session_options = {}) |