Ruby on Rails | Screencasts | Download | Documentation | Weblog | Community | Source

Changeset 6184

Show
Ignore:
Timestamp:
02/21/07 09:17:38 (2 years ago)
Author:
bitsweat
Message:

Introduce a cookie-based session store as the Rails default. Sessions typically contain at most a user_id and flash message; both fit within the 4K cookie size limit. A secure hash is included with the cookie to ensure data integrity (a user cannot alter his user_id without knowing the secret key included in the hash). If you have more than 4K of session data or don't want your data to be visible to the user, pick another session store. Cookie-based sessions are dramatically faster than the alternatives.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • trunk/actionpack/CHANGELOG

    r6178 r6184  
    11*SVN* 
     2 
     3* Introduce a cookie-based session store as the Rails default. Sessions typically contain at most a user_id and flash message; both fit within the 4K cookie size limit. A secure hash is included with the cookie to ensure data integrity (a user cannot alter his user_id without knowing the secret key included in the hash). If you have more than 4K of session data or don't want your data to be visible to the user, pick another session store. Cookie-based sessions are dramatically faster than the alternatives.  [Jeremy Kemper] 
    24 
    35* Added .erb and .builder as preferred aliases to the now deprecated .rhtml and .rxml extensions [Chad Fowler]. This is done to separate the renderer from the mime type. .erb templates are often used to render emails, atom, csv, whatever. So labeling them .rhtml doesn't make too much sense. The same goes for .rxml, which can be used to build everything from HTML to Atom to whatever. .rhtml and .rxml will continue to work until Rails 3.0, though. So this is a slow phasing out. All generators and examples will start using the new aliases, though. 

  • trunk/actionpack/lib/action_controller/cgi_process.rb

    r6165 r6184  
    33require 'action_controller/cgi_ext/raw_post_data_fix' 
    44require 'action_controller/cgi_ext/session_performance_fix' 
     5require 'action_controller/session/cookie_store' 
    56 
    67module ActionController #:nodoc: 
     
    3738 
    3839    DEFAULT_SESSION_OPTIONS = { 
    39       :database_manager => CGI::Session::PStore, 
    40       :prefix           => "ruby_sess.", 
    41       :session_path     => "/" 
     40      :database_manager => CGI::Session::CookieStore, # store data in cookie 
     41      :prefix           => "ruby_sess.",    # prefix session file names 
     42      :session_path     => "/"              # available to all paths in app 
    4243    } unless const_defined?(:DEFAULT_SESSION_OPTIONS) 
    4344 

  • trunk/actionpack/lib/action_controller/session_management.rb

    r6152 r6184  
     1require 'action_controller/session/cookie_store' 
    12require 'action_controller/session/drb_store' 
    23require 'action_controller/session/mem_cache_store'