Bizarre Bug with our Rails app in IE

Question

We're experiencing a really bizarre bug in our Rails 2.3.4 app.

This bug only happens in Internet Explorer (7 and 8). Here's what happens:

• A new customer creates an account at https://domain.com/signup/free (notice no subdomain)
• Their account is identified by a subdomain like "example.domain.com"
• After signing up, they get a welcome screen with a link to their account's home page
• They follow the link, then click the "log in" button and attempt to login
• Even though they provide valid credentials, the app redirects back to their account's root url ... they can never reach their admin area
• The only way they can login (on IE) is by quitting and re-opening IE ... then it works fine ...

Something with their initial session is preventing them from logging in. If it matters, we are using restful_authentication and the ssl_requirement plugin ... I'm not sure if one or both of those has a problem with IE but we are stumped here.

Also, I've read IE has an issue with subdomains that contain underscores ... this isn't what's going on.

Answer 1

If the domain of the session cookie is set to 'domain.com', try setting it to '.domain.com' instead.

I don't know if this works with 2.3.4, but

ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:session_domain] = '.domain.com'

used to do the trick.