Closed nickjer closed 7 years ago
The default session store is ActionDispatch::Session::CookieStore
http://api.rubyonrails.org/classes/ActionDispatch/Session/CookieStore.html
Because CookieStore extends Rack::Session::Abstract::Persisted, many of the options described there can be used to customize the session cookie that is generated
So we can change the path in the initializer that sets the session store. For example in My Jobs we have this file:
Rails.application.config.session_store :cookie_store, key: '_job_constructor_session'
We can add the path argument here:
Rails.application.config.session_store :cookie_store, key: '_job_constructor_session', path: "/pun/sys/myjobs"
Of course we would set this to RAILS_RELATIVE_URL_ROOT
or whatever the Rails helper method is. The trick is that if we do this, it has to match the path that the user's browser is sending. There are passenger env vars set that could be used for this.
I am fine with ENV['RAILS_RELATIVE_URL_ROOT']
that is set by Passenger and we make use of it when we pre-compile assets.
Yuck, seems we can't inject a default path without some serious monkey-patching here:
in particular the line:
options[:path] ||= "/"
Currently the default cookie path is
/
. This should match theRAILS_RELATIVE_URL_ROOT
or whatever Rails helper method that gives this.