Rails 3 is changing session ID on POST from AIR -

-

i have rest api in rails 3 being accessed air application , browser.

i think rails 3 problem might flex/air problem.

the rails app uses omniauth authentication, cancan authorization, , active_record_store. use session model store identity of user.

(there reason i'm not using cookie sessions, having air android, oauth, , stagewebview.)

i'm using charles monitor http traffic.

most requests work fine. browser (or air client) sends session id server using cookie http header, this:

_session_id=950dee7eca6732aa62b5f91876f66d15

and rails finds session, figures out user is, , thing.

but under circumstances, rails generates new session before sending response. adds session sessions table, , returns set-cookie header client new session id. this:

_session_id=e1489a6b610c0a1d13cec1454228ae47; path=/; httponly

the circumstances under happens are:

  • the request comes air client
  • the request post

this problem, because on subsequent requests, rails can't find user information. created new session without information.

so i'm looking @ http headers post request. here's copy/paste charles; inserted colon after header name make readable.

host: localhost.seti.hg94.com:3000 content-type: application/x-www-form-urlencoded user-agent: mozilla/5.0 (macintosh; u; intel mac os x; en) applewebkit/531.9 (khtml, gecko) adobeair/2.6 referer: app:/androidapplication.swf x-flash-version: 10,2,152,22 accept: */* accept-language: en-us accept-encoding: gzip, deflate cookie: _session_id=950dee7eca6732aa62b5f91876f66d15 content-length: 84 connection: keep-alive

does anyone have insight why rails generate new session under circumstances? seems happening after controller code executes, since have correct session information in controller.

i'm busy trying isolate problem further, control headers within air, , on. i've been working on bug week. insight or suggestions community appreciated.

only guess, seems you're not bringing across csrf token rails generates post-based requests:

http://guides.rubyonrails.org/security.html#cross-site-request-forgery-csrf


Comments

Post a Comment

Popular posts from this blog

c# - How to set Z index when using WPF DrawingContext? -

-
how set z-index drawing object when using drawingcontext.drawxxx() methods? the object drawn last have higher z index. can't change index of drawn objects. way draw in order. if using wpf (as placed tag), can use, example, canvas control. create shapes need like polyline obj = new polyline(); //... // ... set properties of obj and add them canvas uielementcollection: yourcanvasname.children.add(obj); //or yourcanvasname.children.insert(i, obj); first items of collection have higher z index. advantages in way: no need redraw on window changes, can anytime move objects , change order.
Read more

razor - Is this a bug in WebMatrix PageData? -

-
i think may have found bug in webmatrix's pagedata, not sure. concerns how pass data partial page calling page. in webmatrix documentation (tutorials, e.g. " 3 - creating consistent look ", , example code), pagedata recommended mechanism pass data between pages (e.g. content page layout page, or partial page). however have found not work other way, pass data partial page calling page. modifying or adding entries in pagedata in partial page, not seem calling page. cutting right down simplest possible example, in test page may have this: @{ pagedata["test"] = "initial entry"; } <p>before calling partial page, test value @pagedata["test"]</p> @renderpage("_testpartial.cshtml") <p>after returning calling page, test value @pagedata["test"]</p> and in _testpartial.cshtml page might have this: @{ pagedata["test"] = "modified entry"; } <p>in partial page...
Read more

visual c++ - Using relative values in array sorting ( asm ) -

-
i need sort through array , sort each individual row in array in ascending order. doesn't seem going (surprise!) keep getting hit 2 errors: a2101: cannot add 2 relocatable labels , a2026: constant expected here's sort, makes sense me, think i'm still trying implement high-lvl language techniqes assembly. there way around not being able use relative values? (the array 7 rows 9 columns, btw). mov cx, 7; cx = number of rows outer: ; outer loop walk through rows push cx mov cx, 9 mov row, cx ;rows middle: ; middle-loop walk through columns push cx sub cx, 1 ;cx = cx-1 mov column, cx ;columns inner: ;inner loop - compare , exchange column values cmp marray[row*9 + column], marray[row*9 + column+1] xchg marray[row*9 + column+1], marray[row*9 + column] ; compare , exchange values marray table inc column loop inner pop cx loop mid...
Read more