my rails app provides additional data through the session hash.
while testing it in different browsers - including ff 3.5, safari 4 and iCab (which i am using because of its harsh security guidelines) - i found out that even in the app's log the session hash looked different - the only thing the iCab session contained was the session_id
and nothing else.
Does it make sense to disallow session_variables?
views:
84answers:
1
A:
Sounds like iCab is blocking cookies. Rails is generating you a new session_id for each request but all other data stored in the session is not available between requests.
mikej
2009-11-17 15:01:18
thx mike,that was my first thought - but in the preferences i explicitly allowed the session\_cookies - what the hack is this option for then?
ernd enson
2009-11-17 15:19:22
there is no difference between allowing and not allowing session_cookies - ok, this is a very product specific question<br />thank you!
ernd enson
2009-11-17 15:23:27