From 2e22c7fda00f78db79cb2dcc79495c085035240d Mon Sep 17 00:00:00 2001
From: Joshua Peek <josh@joshpeek.com>
Date: Thu, 18 Dec 2008 12:56:18 -0600
Subject: Conditionally inject session middleware instead of using session
 management

---
 .../lib/action_controller/session/abstract_store.rb  | 14 +++++++++++++-
 .../lib/action_controller/session/cookie_store.rb    | 20 +++++++++++++++++---
 2 files changed, 30 insertions(+), 4 deletions(-)

(limited to 'actionpack/lib/action_controller/session')

diff --git a/actionpack/lib/action_controller/session/abstract_store.rb b/actionpack/lib/action_controller/session/abstract_store.rb
index 7874ee5a28..2218152c2c 100644
--- a/actionpack/lib/action_controller/session/abstract_store.rb
+++ b/actionpack/lib/action_controller/session/abstract_store.rb
@@ -60,7 +60,7 @@ module ActionController
       end
 
       DEFAULT_OPTIONS = {
-        :key =>           'rack.session',
+        :key =>           '_session_id',
         :path =>          '/',
         :domain =>        nil,
         :expire_after =>  nil,
@@ -70,6 +70,18 @@ module ActionController
       }
 
       def initialize(app, options = {})
+        # Process legacy CGI options
+        options = options.symbolize_keys
+        if options.has_key?(:session_path)
+          options[:path] = options.delete(:session_path)
+        end
+        if options.has_key?(:session_key)
+          options[:key] = options.delete(:session_key)
+        end
+        if options.has_key?(:session_http_only)
+          options[:httponly] = options.delete(:session_http_only)
+        end
+
         @app = app
         @default_options = DEFAULT_OPTIONS.merge(options)
         @key = @default_options[:key]
diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb
index ce3cf354fd..158c940cc2 100644
--- a/actionpack/lib/action_controller/session/cookie_store.rb
+++ b/actionpack/lib/action_controller/session/cookie_store.rb
@@ -41,9 +41,11 @@ module ActionController
       SECRET_MIN_LENGTH = 30 # characters
 
       DEFAULT_OPTIONS = {
-        :domain => nil,
-        :path => "/",
-        :expire_after => nil
+        :key          => '_session_id',
+        :domain       => nil,
+        :path         => "/",
+        :expire_after => nil,
+        :httponly     => false
       }.freeze
 
       ENV_SESSION_KEY = "rack.session".freeze
@@ -56,6 +58,18 @@ module ActionController
       def initialize(app, options = {})
         options = options.dup
 
+        # Process legacy CGI options
+        options = options.symbolize_keys
+        if options.has_key?(:session_path)
+          options[:path] = options.delete(:session_path)
+        end
+        if options.has_key?(:session_key)
+          options[:key] = options.delete(:session_key)
+        end
+        if options.has_key?(:session_http_only)
+          options[:httponly] = options.delete(:session_http_only)
+        end
+
         @app = app
 
         # The session_key option is required.
-- 
cgit v1.2.3