ruby - Rails 3 disabling session cookies

Question

Welcome To Ask or Share your Answers For Others

ruby - Rails 3 disabling session cookies

posted Oct 17, 2021 in Technique[技术] by 深蓝 (71.8m points)

ruby - Rails 3 disabling session cookies

I have RESTful API written on RoR 3. I have to make my application not to send "Set-Cookie header" (clients are authorizing using auth_token parameter).

I have tried to use session :off and reset_session but it does not make any sense. I am using devise as authentication framework.

Here is my ApplicationController

class ApplicationController < ActionController::Base
  before_filter :reset_session #, :unless => :session_required?
  session :off #, :unless => :session_required?

  skip_before_filter :verify_authenticity_token
  before_filter :access_control_headers!

  def options
    render :text => ""
  end

  private
  def access_control_headers!
    response.headers["Access-Control-Allow-Origin"] = "*"
    response.headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS"
    response.headers["Access-Control-Allow-Credentials"] = "true"
    response.headers["Access-Control-Allow-Headers"] = "Content-type"
  end

  def session_required?
    !(params[:format] == 'xml' or params[:format] == 'json')
  end
end

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-16T23:52:20+0000

Use the built in option.

env['rack.session.options'][:skip] = true

or the equivalent

request.session_options[:skip] = true

You can find the documentation for it here https://github.com/rack/rack/blob/master/lib/rack/session/abstract/id.rb#L213

Categories

ruby - Rails 3 disabling session cookies

ruby - Rails 3 disabling session cookies

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags