
Rails Cookie Setting Problems

I have a Rails app that sets a cookie and does a redirect to another server once the user is logged in. However, the cookie that the Rails app sets isn't seen by the server for some reason. I've tried setting http_only to false but I still can't even see the cookie unless the domain is the same as my Rails app. Here's the code I'm using to set the cookie:

cookies[:dev_appserver_login] = 
  { :value => "#{email}:#{nick}:#{admin}:#{hsh}",
    :domain => "webserver-to-redirect-to",
    :expires => 30.days.from_now }

redirect_to session[:dest_url]

If I manually create a cookie with the Web Developer extension in Firefox it works fine, but not when Rails does it. Any ideas?

What are the redirecting and redirected-to servers? You can only set 'domain' to the current hostname or a parent domain, so if you're on a.example.com and you're redirecting to b.example.com, you have to set 'domain' to .example.com, not b.example.com as implied in the code snippet.

(And open domains like the .com TLD aren't themselves allowed as domain values, so if you want to pass a cookie from a.example.com to b.somewhereelse.com you will need a more complicated solution probably involving changing the code on somewhereelse.com.)

I still can't even see the cookie unless the domain is the same as my Rails app.

That's how cookies are supposed to work. If you're accessing it directly by IP, then as far as the web browser is concerned, your 'domain' is just your IP, so the same rules apply.

You can get around this in development mode by editing your /etc/hosts file and creating host names for your apps:

127.0.0.1 app1.localdev.com app2.localdev.com

Then, when the cookie is created, set the domain to '.localdev.com' (note the preceding period), which will allow any app at any subdomain of localdev.com to read it.

Another broader solution (which is better for production deploys, but more work to set up) is to set up a path proxy for the sub-app so requests to appdomain.com go to app1 and requests to appdomain.com/other-app/ are proxied to the other app. This lets them share the root domain and easily share cookies.
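
The domain rules described in the answers above, written out as an added example (not code from the question or any answer): a simplified model of the browser's RFC 6265 checks for accepting a `Domain` attribute and for sending the cookie back. The method names and the short `PUBLIC_SUFFIXES` list are assumptions made for illustration; real browsers consult the full Public Suffix List.

```ruby
require "ipaddr"

# Constructed stand-in for the Public Suffix List that browsers consult.
PUBLIC_SUFFIXES = %w[com org net co.uk].freeze

def ip_literal?(host)
  IPAddr.new(host)
  true
rescue IPAddr::Error
  false
end

# RFC 6265 section 5.1.3: a host matches a cookie domain when the two are
# identical, or when the host is a name (not an IP) ending in ".<domain>".
def domain_match?(host, domain)
  host, domain = host.downcase, domain.downcase
  host == domain || (!ip_literal?(host) && host.end_with?(".#{domain}"))
end

# What a browser does with a Set-Cookie received from setting_host.
def store_cookie(setting_host, domain_attr)
  host = setting_host.downcase
  domain = domain_attr.to_s.downcase.sub(/\A\./, "") # leading dot is ignored
  if PUBLIC_SUFFIXES.include?(domain)
    return { stored: false, reason: :public_suffix } unless domain == host
    domain = "" # a host that is itself a suffix gets a host-only cookie
  end
  return { stored: true, domain: host, host_only: true } if domain.empty?
  return { stored: false, reason: :domain_mismatch } unless domain_match?(host, domain)
  { stored: true, domain: domain, host_only: false }
end

# Whether a stored cookie is attached to a request for request_host.
def sent_to?(cookie, request_host)
  return false unless cookie[:stored]
  return request_host.downcase == cookie[:domain] if cookie[:host_only]
  domain_match?(request_host, cookie[:domain])
end

# Hostnames from the answers above, evaluated as responses from a.example.com.
if __FILE__ == $PROGRAM_NAME
  ["b.example.com", ".example.com", ".com", nil].each do |attr|
    cookie = store_cookie("a.example.com", attr)
    puts "Domain=#{attr.inspect}: #{cookie} sent to b.example.com? #{sent_to?(cookie, 'b.example.com')}"
  end
end
```

Only the `.example.com` case is both stored and sent to b.example.com; the sibling hostname and the bare TLD are dropped by the browser, and omitting `Domain` yields a host-only cookie.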
