Issue with escaping, chrome dropping + (replacing with space)

trevorturk / flash_cookie_session

Rails 3 cookie sessions can cooperate with Flash

79 stars 16 forks source link

Issue with escaping, chrome dropping + (replacing with space) #7

Closed ryanto closed 13 years ago

ryanto commented 13 years ago

This is not a bug with your code, but more your documentation. Any JavaScript should use this double escaping when passing in the cookie and authenticity token. Chrome will otherwise convert the +'s to spaces, causing the authentication to fail.

{ '<%= key = Rails.application.config.session_options[:key] %>': encodeURIComponent('<%= u cookies[key] %>'), '<%= request_forgery_protection_token %>': encodeURIComponent('<%= u form_authenticity_token %>') }

trevorturk commented 13 years ago

Would you mind working up a pull request for this? Thanks!

ryanto commented 13 years ago

Ya, will do. I was only opening this issue so I could have something to reference when I submitted the pull request :)

I'll most likely commit this in the next few days.

trevorturk commented 13 years ago

Closing due to lack of feedback