From 30285254b291bb679c8acae35cf9359bdee2b4e5 Mon Sep 17 00:00:00 2001
From: Shin-ichiro OGAWA <rust.stnard@gmail.com>
Date: Fri, 6 Mar 2009 11:45:53 +0900
Subject: [PATCH] Even if cookie is enabled, Use session_id of request paramenter when :cookie_only => true.

---
 .../action_controller/session/abstract_store.rb    |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/actionpack/lib/action_controller/session/abstract_store.rb b/actionpack/lib/action_controller/session/abstract_store.rb
index f6369ab..4285bdd 100644
--- a/actionpack/lib/action_controller/session/abstract_store.rb
+++ b/actionpack/lib/action_controller/session/abstract_store.rb
@@ -161,10 +161,11 @@ module ActionController
 
         def load_session(env)
           request = Rack::Request.new(env)
-          sid = request.cookies[@key]
           unless @cookie_only
-            sid ||= request.params[@key]
+            sid = request.params[@key]
           end
+          sid ||= request.cookies[@key]
+
           sid, session = get_session(env, sid)
           [sid, session]
         end
-- 
1.5.4.3