Ace - cheers!<br><br><div class="gmail_quote">On Mon, Nov 2, 2009 at 3:13 PM, Magnus Holm <span dir="ltr"><<a href="mailto:judofyr@gmail.com">judofyr@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Okay, I think we're actually fine by setting :path => "/" by default.<br>
If you want anything different, you should use "use<br>
Rack::Session::Cookie" yourself.<br>
<br>
//Magnus Holm<br>
<br>
<br>
<br>
On Mon, Oct 19, 2009 at 19:14, Jonathan Hickford<br>
<div><div></div><div class="h5"><<a href="mailto:jonathan.hickford%2Bcamping@gmail.com">jonathan.hickford+camping@gmail.com</a>> wrote:<br>
> Hi,<br>
><br>
> I'd be inclined to agree with the middleware approach too, especially<br>
> if it's pre 2.0 release and that change can be made along side other<br>
> 1.5 -> 2.0 changes<br>
><br>
> Jon<br>
><br>
>> On Sun, Oct 18, 2009 at 9:31 PM, Magnus Holm <<a href="mailto:judofyr@gmail.com">judofyr@gmail.com</a>> wrote:<br>
>>> Wow, great catch! This is definitely a bug. I guess this should go to<br>
>>> GitHub issues, yes.<br>
>>><br>
>>> This is actually an issue where Camping and Rack::Session::Cookie fight:<br>
>>><br>
>>> At the first request, sessions.state is set in ::Cookie after Camping<br>
>>> has done its magic.<br>
>>><br>
>>> At the second request, Camping loads @state from @env['rack.state'],<br>
>>> the app changes the session, but @cookie['sessions.state'] stays<br>
>>> intact. Camping's #to_a then sets the cookies again in the response:<br>
>>><br>
>>> @cookies.each do |k, v|<br>
>>> v = {:value => v, :path => self / "/"} if String === v<br>
>>> r.set_cookie(k, v)<br>
>>> end<br>
>>><br>
>>> Which means that it sets a sessions.state-cookie at /sessions/. Then<br>
>>> ::Cookies kicks in and figures out that the sessions have changed and<br>
>>> sets a new cookie, but this time at /. (This also has the effect that<br>
>>> Camping copies all the cookies at / into /sessions/)<br>
>>><br>
>>> At the third request, Rack chooses cookies "such that those with more<br>
>>> specific Path attributes precede those with less specific", and the<br>
>>> cookie at /sessions/ wins.<br>
>>><br>
>>> Your fix won't unfornately work because @root is only available inside<br>
>>> a request/controller.<br>
>>><br>
>>> I think we need to do two things:<br>
>>> * Make sure Camping only sets cookies when they've changed.<br>
>>> * Figure out a way to set :path to SCRIPT_NAME. If so, this should<br>
>>> only be an option, as you might also want to mount two apps and have<br>
>>> them share the sessions (aka :path => '/').<br>
>>><br>
>>> I'm not quite sure how we should add that option, though. We could<br>
>>> switch Camping::Session to be a middleware, but this means all apps<br>
>>> will have to change "include Camping::Session" to "use<br>
>>> Camping::Session". It's maybe not such a big deal? We should at least<br>
>>> do these kind of changes *before* the release of 2.0.<br>
>>><br>
>>> Some examples:<br>
>>><br>
>>> # Middleware<br>
>>> use Camping::Session, :secret => "foo", :shared => true<br>
>>><br>
>>> # Subclass<br>
>>> include Camping::Session::Shared<br>
>>> secret "foo"<br>
>>><br>
>>> # New method<br>
>>> include Camping::Session<br>
>>> secret "foo"<br>
>>> shared_cookie!<br>
>>><br>
>>> # Merge #secret and #shared_cookie! together<br>
>>> include Camping::Session<br>
>>> session_options :secret => "foo", :shared => true<br>
>>><br>
>>><br>
>>> I think I actually prefer the middleware-version. It's short and<br>
>>> concise and can be extended with more options if needed.<br>
>>><br>
>>> What do you think?<br>
>>><br>
>>><br>
>>> //Magnus Holm<br>
>>><br>
>>><br>
>>><br>
>>> On Sun, Oct 18, 2009 at 19:59, Jonathan Hickford<br>
>>> <<a href="mailto:jonathan.hickford%2Bcamping@gmail.com">jonathan.hickford+camping@gmail.com</a>> wrote:<br>
>>>> Hi all,<br>
>>>><br>
>>>> Not sure where best to raise this (github issues?) but I'm seeing an<br>
>>>> issue with the cookie sessions in camping 2.0 using rack. If I mount<br>
>>>> an app such as the example blog or the sessions test app at any url<br>
>>>> that is not the root session information is lost in some cases. Same<br>
>>>> thing happens if I use the built in Camping server.<br>
>>>><br>
>>>> For example if I mount the blog app using rackup at '/blog' I'm unable<br>
>>>> to log in. If I mount the sessions test app the information added on<br>
>>>> the second page is lost when it reaches page three. Looking at the<br>
>>>> cookies in the browser I can see two state cookies set with the paths<br>
>>>> '/' and '/blog/'.<br>
>>>><br>
>>>> I'm guessing this is to do with Rack::Session::Cookie in session.rb,<br>
>>>> which will default to use :path => '/' in all cases. If I explicitly<br>
>>>> add :path => '/blog/' there it starts working as expected. Some more<br>
>>>> detailed outputs here (this will run from /test)<br>
>>>> <a href="http://pastebin.com/m6c13a4aa" target="_blank">http://pastebin.com/m6c13a4aa</a><br>
>>>><br>
>>>> Is that me doing something crazy there (I'm not expert!) or is that a<br>
>>>> bug? If that's an issue I think the below change to session.rb fixes<br>
>>>> it, passing in the apps @root into the path Rack's session cookie<br>
>>>> middleware. I can push that somewhere if we reckon that's a fix?<br>
>>>><br>
>>>> - app.use Rack::Session::Cookie, :key => key, :secret => secret<br>
>>>> + app.use Rack::Session::Cookie, :key => key, :secret => secret, :path => @root<br>
>>>><br>
>>>> Regards,<br>
>>>><br>
>>>> Jon<br>
>>>> _______________________________________________<br>
>>>> Camping-list mailing list<br>
>>>> <a href="mailto:Camping-list@rubyforge.org">Camping-list@rubyforge.org</a><br>
>>>> <a href="http://rubyforge.org/mailman/listinfo/camping-list" target="_blank">http://rubyforge.org/mailman/listinfo/camping-list</a><br>
>>>><br>
>>> _______________________________________________<br>
>>> Camping-list mailing list<br>
>>> <a href="mailto:Camping-list@rubyforge.org">Camping-list@rubyforge.org</a><br>
>>> <a href="http://rubyforge.org/mailman/listinfo/camping-list" target="_blank">http://rubyforge.org/mailman/listinfo/camping-list</a><br>
>><br>
> _______________________________________________<br>
> Camping-list mailing list<br>
> <a href="mailto:Camping-list@rubyforge.org">Camping-list@rubyforge.org</a><br>
> <a href="http://rubyforge.org/mailman/listinfo/camping-list" target="_blank">http://rubyforge.org/mailman/listinfo/camping-list</a><br>
><br>
_______________________________________________<br>
Camping-list mailing list<br>
<a href="mailto:Camping-list@rubyforge.org">Camping-list@rubyforge.org</a><br>
<a href="http://rubyforge.org/mailman/listinfo/camping-list" target="_blank">http://rubyforge.org/mailman/listinfo/camping-list</a></div></div></blockquote></div><br>