This project is archived and is in readonly mode.

Share session between subdomains
Reported by Guillermo Álvarez | June 10th, 2010 @ 10:58 AM
Sessions cookies don't hace domain, so by default navigators use current HTTP_HOSTS.
If you want to share session between www.example.com and username.example.com you can't.
The next patch resolve this problem by adding a domain option in session_store initializar.
The syntax is:
  Rails.application.config.session_store :cookie_store, :key => '_app_session', :domain => :all
Comments and changes to this ticket
- 
            
         
- 
            
         Guillermo Álvarez June 10th, 2010 @ 11:25 AMThis patch is so simple, and just cover most of the cases i know, so for most complicated cases like 3th level domain, you must be explicit. For example: If you want to share session between *.google.co.uk you do: Rails.application.config.session_store :cookie_store, :key => '_app_session', :domain => ".google.co.uk"
- 
            
         Guillermo Álvarez June 10th, 2010 @ 03:23 PM- Tag changed from cookie_store, session_store.rb to 3.x, cookie_store, session_store.rb
 
- 
         Repository June 10th, 2010 @ 05:05 PM- State changed from new to resolved
 (from [c4d6245e875bbb276c122a5a401422d341dac4df]) Add support for multi-subdomain session by setting cookie host in session cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved] Signed-off-by: David Heinemeier Hansson david@loudthinking.com 
 http://github.com/rails/rails/commit/c4d6245e875bbb276c122a5a401422...
- 
         Repository June 10th, 2010 @ 07:08 PM(from [330a89072a493aafef1e07c3558964477f85adf0]) Revert "Add support for multi-subdomain session by setting cookie host in session cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved]" It does not work for domains like co.uk and com.br. This reverts commit c4d6245e875bbb276c122a5a401422d341dac4df. 
 http://github.com/rails/rails/commit/330a89072a493aafef1e07c3558964...
- 
         Rizwan Reza June 11th, 2010 @ 03:36 PM(from [44830ead1c88e1c45124133ce3e2ed9f890f42de]) Add support for multi-subdomain session by setting cookie host in session cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved] This reverts commit 330a89072a493aafef1e07c3558964477f85adf0. 
 http://github.com/rails/rails/commit/44830ead1c88e1c45124133ce3e2ed...
- 
            
         Bryce Thornton June 19th, 2010 @ 08:44 PMI really like this new ":domain => :all" option, but I'm getting a "ActionController::InvalidAuthenticityToken" exception when trying to use it. Everything works fine when specifying the domain directly. 
- 
            
         iGEL September 7th, 2010 @ 07:35 PMHere is a list of all domains with several levels (like .co.uk): http://publicsuffix.org/ It's maintained by the Mozilla Project. 
- 
            
         Fjan December 2nd, 2010 @ 04:34 PMThis patch doe produce a cookie that doesn't conform to specs if the host you are accessing is "localhost" or an IP address. The browsers I tried don't seem to care about this but Unix' wget will complain about it. 
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
<h2 style="font-size: 14px">Tickets have moved to Github</h2>
The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>
People watching this ticket
Attachments
Referenced by
- 
         4818 
          Share session between subdomains
        (from [c4d6245e875bbb276c122a5a401422d341dac4df])
Add sup... 4818 
          Share session between subdomains
        (from [c4d6245e875bbb276c122a5a401422d341dac4df])
Add sup...
- 
         4818 
          Share session between subdomains
        (from [330a89072a493aafef1e07c3558964477f85adf0])
Revert ... 4818 
          Share session between subdomains
        (from [330a89072a493aafef1e07c3558964477f85adf0])
Revert ...
- 
         4818 
          Share session between subdomains
        (from [44830ead1c88e1c45124133ce3e2ed9f890f42de])
Add sup... 4818 
          Share session between subdomains
        (from [44830ead1c88e1c45124133ce3e2ed9f890f42de])
Add sup...
- 
         5147 
          The ":all" Domain Option For The Cookie Session Store Doesn't Allow Non-Standard TLD's Like ".local" or ".co.uk"
        
https://rails.lighthouseapp.com/projects/8994/tickets/48... 5147 
          The ":all" Domain Option For The Cookie Session Store Doesn't Allow Non-Standard TLD's Like ".local" or ".co.uk"
        
https://rails.lighthouseapp.com/projects/8994/tickets/48...
- 
         5147 
          The ":all" Domain Option For The Cookie Session Store Doesn't Allow Non-Standard TLD's Like ".local" or ".co.uk"
        I'm getting this same problem. In Rails 3.0.0.rc, when I ... 5147 
          The ":all" Domain Option For The Cookie Session Store Doesn't Allow Non-Standard TLD's Like ".local" or ".co.uk"
        I'm getting this same problem. In Rails 3.0.0.rc, when I ...
- 
         5147 
          The ":all" Domain Option For The Cookie Session Store Doesn't Allow Non-Standard TLD's Like ".local" or ".co.uk"
        I'm still having the problem as well. The patch from #481... 5147 
          The ":all" Domain Option For The Cookie Session Store Doesn't Allow Non-Standard TLD's Like ".local" or ".co.uk"
        I'm still having the problem as well. The patch from #481...
 Doug Mayer
      Doug Mayer
 Guillermo Álvarez
      Guillermo Álvarez
 Manu Campos
      Manu Campos