This project is archived and is in readonly mode.

#4743 ✓ resolved
Noah

Session Cookie breaks if used with custom cookie in rails 2.3.8

Reported by Noah | June 1st, 2010 @ 05:20 AM | in 2.3.9

Attached is a patch with a simple failing test demonstrating how a session cookie breaks when also using a custom cookie. A newline is prepended to the session cookie which breaks the session. The newline is added because when rails adds the session cookie, it's expecting a Set-Cookie header in the form of a string, separated by newlines. In fact, rails gets an array of cookies so the newline is prepended to the session cookie.

I see there's a suspiciously similar Issue #4714. Reverting to rack 1.0 seems to fix the issue. Not sure where the responsibility lies for this issue.

    def set_session_value_and_cookie
      cookies["foo"] = "bar"
      session[:foo] = "bar"
      render :text => Rack::Utils.escape(Verifier.generate(session.to_hash))
    end

Comments and changes to this ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

Tickets have moved to Github

The new ticket tracker is available at https://github.com/rails/rails/issues

Shared Ticket Bins

Referenced by

Pages