I don't think you can use Rails sessions without cookies support...
Em 17/05/2014 10:12, "Gabriel Sobrinho"
escreveu:
> I would argue that if you have some information that can't be hijacked and
> even parsed on javascript (httponly cookies can't be read on javascript at
> all), why would you use
I would argue that if you have some information that can't be hijacked and
even parsed on javascript (httponly cookies can't be read on javascript at
all), why would you use cookies instead of the rails session?
On Friday, May 16, 2014 7:07:42 PM UTC-3, fedesoria wrote:
>
> I would like to see t
I would like to see this happen, since when dealing with
Enterprise Vulnerability Scans it always comes up.
On Monday, January 7, 2013 2:09:42 PM UTC-8, Stephen Touset wrote:
>
> Earlier, someone proposed on the GH issues tracker that Rails default all
> cookies to HttpOnly[1]. Rails already mak