问题描述
这是 session [:food] =pizza
和 cookies.permanent [:food] = pizza
?
我试图读取rails文档,并说:
which are the difference between session[:food]="pizza"
and cookies.permanent[:food]=pizza
?
I tried to read rails documentation and it says:
然后我不明白,如果session [:food ]保存在cookie中,所以cookies.permanent [:food]有,有什么区别?
Then I don't understand, if session[:food] is saved in a cookie and so cookies.permanent[:food] does, what's the difference?
推荐答案
它出来,会话数据是在cookie(rails 3)或加密cookie(rails 4)中base64编码。使用像Firefox的Web Developer Extension(WDE)插件一样的工具,它有一个cookie菜单项,使用它删除localhost网站的所有cookie,然后将您的代码添加到控制器操作
I recommend you try it out, session data is base64 encoded in the cookie (rails 3) or in an encrypted cookie (rails 4) . Use a tool like Firefox 'Web Developer Extension' (WDE) addon, it has a cookie menu item, use it to delete all cookies for your localhost site, then add your code to a controller action
session[:food] = "pizza"
cookies.permanent[:food] = "pizza"
现在使用WDE查看cookies
Now view the cookies using WDE
Name food
Value pizza
Host localhost
Path /
...
$ b b
与会话
vs the session
Name _session_name # (this value set in config/initializers/session_store.rb)
Value a_base_64_value
Host localhost
Path /
...
现在打开rails控制台并解码会话值
now open rails console and decode the session value
$ rails console
> Base64.decode64('value from session')
# works in rails 3
rails 4加密cookie而不是仅仅进行编码,请参见
If using rails 4 the cookie is encrypted instead of just encoded, see http://cowbell-labs.com/2013-04-10-decrypt-rails-4-session.html
一旦解密或解码,它看起来像
once decrypted or decoded it looks something like
{
"session_id"=>"xxxxx",
"user_return_to"=>"/",
"flash"=>{
"discard"=>[:alert],
"flashes"=>{
:alert=>"You need to sign in or sign up before continuing."}
},
"food"=>"pizza",
"_csrf_token"=>"xxxxx"
}
请注意,在我的情况下,我使用Devise向闪存添加了一条消息
Note in my case I am using Devise which has added a message to the flash
会话数据受到更好的保护,您还可以选择移动到不同会话存储(如数据库),而不更改任何代码,只需进行一些配置
Session data is better protected and you also have the option to move to a different session store like a database without changing any code, just some configuration
这篇关于session [:food]和cookies.permanent之间的区别[:food]的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!