I submitted a ticket about this, but I thought perhaps I should ping this mailing list as well.
When deploying an an app that was upgraded to run on Rails 2.0 and use cookie sessions, users that are logged into the site receive an error: CGI::Session::CookieStore::TamperedWithCookie when they first visit the site. When they refresh once, this error will no longer appear. However, I can't figure out how to work around them seeing an Application Error screen the first time. Is there any way to rescue_from this error, or otherwise avoid encountering it all together?
> I submitted a ticket about this, but I thought perhaps I should ping > this mailing list as well.
> When deploying an an app that was upgraded to run on Rails 2.0 and use > cookie sessions, users that are logged into the site receive an error: > CGI::Session::CookieStore::TamperedWithCookie when they first visit > the > site. When they refresh once, this error will no longer appear. > However, > I can't figure out how to work around them seeing an Application Error > screen the first time. Is there any way to rescue_from this error, or > otherwise avoid encountering it all together?
If you change the name of the cookie used then the app won't see the old cookie at all, which should handle things.
Frederick Cheung wrote: > If you change the name of the cookie used then the app won't see the > old cookie at all, which should handle things.
I'm still not able to work around this issue. The problem occurs when I change the "secret" used by cookie sessions in config/environment.rb:
config.action_controller.session = { :session_key => x, :secret => y }
That seems to trigger the TamperedWithCookie, which resolves itself after one refresh. Changing the session_key and the secret at the same time still triggers the error. So, I don't know what to do!
Again, any further help would be much appreciated.
> That seems to trigger the TamperedWithCookie, which resolves itself > after one refresh. Changing the session_key and the secret at the same > time still triggers the error. So, I don't know what to do!
It should work, change the value associated to :session_key (which is the name of the cookie) in environment.rb and restart the server.
Xavier Noria wrote: > On Dec 10, 2007, at 2:10 AM, Trevor Turk wrote: > It should work, change the value associated to :session_key (which is > the name of the cookie) in environment.rb and restart the server.
I've added more detail to a Rails Trac ticket, including an example of the error. I'm doing what you suggested, Xavier, and I'm still getting this error.
> Xavier Noria wrote:
> > On Dec 10, 2007, at 2:10 AM, Trevor Turk wrote:
> > It should work, change the value associated to :session_key (which is
> > the name of the cookie) in environment.rb and restart the server.
> I've added more detail to a Rails Trac ticket, including an example of
> the error. I'm doing what you suggested, Xavier, and I'm still getting
> this error.
Katie Kelly wrote: > I had the same problem when I upgraded to 2.0.1 and I got around it by > deleting the contents of my tmp/sessions directory. Hope that helps!
I was using the database for sessions, so that's not the problem. Thanks for the reply, though! -- Posted via http://www.ruby-forum.com/.
Trevor Turk wrote: > Katie Kelly wrote: >> I had the same problem when I upgraded to 2.0.1 and I got around it by >> deleting the contents of my tmp/sessions directory. Hope that helps!
> I was using the database for sessions, so that's not the problem. Thanks > for the reply, though!
I had the same problem then I got around it by deleting the contents from sessions table. -- Posted via http://www.ruby-forum.com/.
|
