1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Add support for multi-subdomain session by setting cookie host in session cookie so you can share session between www.example.com, example.com and user.example.com. [#4818 state:resolved]

This reverts commit 330a89072a.
This commit is contained in:
Rizwan Reza 2010-06-11 10:25:39 +04:30 committed by José Valim
parent b69a2db952
commit 44830ead1c
4 changed files with 47 additions and 2 deletions

View file

@ -1,7 +1,10 @@
Rails 3.0.0 [Release Candidate] (unreleased)*
*Rails 3.0.0 [Release Candidate] (unreleased)*
* Add support for multi-subdomain session by setting cookie host in session cookie so you can share session between www.example.com, example.com and user.example.com. #4818 [Guillermo Álvarez]
* Removed textilize, textilize_without_paragraph and markdown helpers. [Santiago Pastorino]
*Rails 3.0.0 [beta 4] (June 8th, 2010)*
* Remove middleware laziness [José Valim]

View file

@ -122,6 +122,11 @@ module ActionDispatch
cookie[:expires] = Time.now + options.delete(:expire_after)
end
if options[:domain] == :all
top_level_domain = env["HTTP_HOST"].split('.')[-2..-1].join('.')
options[:domain] = ".#{top_level_domain}"
end
request = ActionDispatch::Request.new(env)
set_cookie(request, cookie.merge!(options))
end

View file

@ -34,6 +34,14 @@ module ActionDispatch
# integrity defaults to 'SHA1' but may be any digest provided by OpenSSL,
# such as 'MD5', 'RIPEMD160', 'SHA256', etc.
#
# * <tt>:domain</tt>: Restrict the session cookie to certain domain level.
# If you use a schema like www.example.com and wants to share session
# with user.example.com set <tt>:domain</tt> to <tt>:all</tt>
#
# :domain => nil # Does not sets cookie domain. (default)
# :domain => :all # Allow the cookie for the top most level
# domain and subdomains.
#
# To generate a secret key for an existing application, run
# "rake secret" and set the key in config/environment.rb.
#

View file

@ -185,6 +185,35 @@ class CookieStoreTest < ActionController::IntegrationTest
end
end
def test_session_store_with_explicit_domain
with_test_route_set(:domain => "example.es") do
get '/set_session_value'
assert_match /domain=example\.es/, headers['Set-Cookie']
headers['Set-Cookie']
end
end
def test_session_store_without_domain
with_test_route_set do
get '/set_session_value'
assert_no_match /domain\=/, headers['Set-Cookie']
end
end
def test_session_store_with_nil_domain
with_test_route_set(:domain => nil) do
get '/set_session_value'
assert_no_match /domain\=/, headers['Set-Cookie']
end
end
def test_session_store_with_all_domains
with_test_route_set(:domain => :all) do
get '/set_session_value'
assert_match /domain=\.example\.com/, headers['Set-Cookie']
end
end
private
# Overwrite get to send SessionSecret in env hash