2012-11-07 25 views

I have a User model based on Michael Hartl's Ruby on Rails Tutorial (2nd edition). It works fine locally when hosted on a Linux machine, but when I deploy to Heroku there is a problem in IE and Safari. (Chrome and Firefox work fine.) I use a cookie to set current_user, a value I call constantly across the site. Are IE/Safari not saving/reading the cookie correctly? CSRF?

Here is my sessions_helper.rb:

module SessionsHelper

  # Store the remember token in a permanent cookie and cache the user for this request.
  def sign_in(user)
    cookies.permanent[:remember_token] = user.remember_token
    self.current_user = user
  end

  def signed_in?
    !current_user.nil?
  end

  def current_user=(user)
    @current_user = user
  end

  # Look the user up from the remember_token cookie on first use, then memoize.
  def current_user
    @current_user ||= User.find_by_remember_token(cookies[:remember_token])
  end

  def current_user?(user)
    user == current_user
  end

  # before_filter: send visitors who are not signed in to the sign-in page.
  def signed_in_user
    unless signed_in?
      store_location
      redirect_to signin_url, notice: "Please sign in."
    end
  end

  def sign_out
    self.current_user = nil
    cookies.delete(:remember_token)
  end

  def redirect_back_or(default)
    redirect_to(session[:return_to] || default)
    session.delete(:return_to)
  end

  def store_location
    session[:return_to] = request.url
  end
end

My sessions controller is as follows:

class SessionsController < ApplicationController

  def new
  end

  # Authenticate the posted email/password, sign the user in and redirect.
  def create
    user = User.find_by_email(params[:session][:email].downcase)
    if user && user.authenticate(params[:session][:password])
      sign_in user
      redirect_back_or user
    else
      flash.now[:error] = 'Invalid email/password combination'
      render 'new'
    end
  end

  def destroy
    sign_out
    redirect_to root_url
  end

end

When I create a user / sign in again, it simply loses my cookie in IE8 and up and in Safari. This is the log I get:

2012-11-06T19:28:08+00:00 app[web.1]: Started POST "/sessions" for XXX.XXX.XXX.XXX at 2012-11-06 19:28:08 +0000 
2012-11-06T19:28:08+00:00 app[web.1]: Processing by SessionsController#create as HTML 
2012-11-06T19:28:08+00:00 app[web.1]: Parameters: {"utf8"=>"â", "authenticity_token"=>"Eh3xta4VHlHgBVEKiLn3CRKgWb5xFbAx91eNJlYFySs=", "session"=>{"email"=>"[email protected]", "password"=>"[FILTERED]"}, "commit"=>"Sign in"} 
2012-11-06T19:28:08+00:00 app[web.1]: WARNING: Can't verify CSRF token authenticity 
2012-11-06T19:28:08+00:00 app[web.1]: Redirected to https://some-app_1234.herokuapp.com/users/1 
2012-11-06T19:28:08+00:00 app[web.1]: Completed 302 Found in 391ms (ActiveRecord: 16.1ms) 
2012-11-06T19:28:08+00:00 heroku[router]: POST some-app-1234.herokuapp.com/sessions dyno=web.1 queue=0 wait=0ms service=508ms status=302 bytes=114 
2012-11-06T19:28:09+00:00 app[web.1]: 
2012-11-06T19:28:09+00:00 app[web.1]: 
2012-11-06T19:28:09+00:00 app[web.1]: Started GET "https://stackoverflow.com/users/1" for XXX.XXX.XXX.XXX at  2012-11-06 19:28:09 +0000 
2012-11-06T19:28:09+00:00 app[web.1]: Processing by UsersController#show as HTML 
2012-11-06T19:28:09+00:00 app[web.1]: Parameters: {"id"=>"1"} 
2012-11-06T19:28:09+00:00 app[web.1]: Rendered shared/_stats.html.erb (205.2ms) 
2012-11-06T19:28:09+00:00 app[web.1]: Rendered microposts/_micropost.html.erb (15.0ms) 
2012-11-06T19:28:09+00:00 app[web.1]: Rendered users/show.html.erb within layouts/application (247.6ms) 
2012-11-06T19:28:09+00:00 app[web.1]: Rendered layouts/_shim.html.erb (0.0ms) 
2012-11-06T19:28:09+00:00 app[web.1]: Rendered layouts/_header.html.erb (1.2ms) 
2012-11-06T19:28:09+00:00 app[web.1]: Rendered layouts/_footer.html.erb (0.3ms) 
2012-11-06T19:28:09+00:00 app[web.1]: Completed 200 OK in 256ms (Views: 52.5ms | ActiveRecord: 202.4ms) 
2012-11-06T19:28:09+00:00 heroku[router]: GET some-app-1234.herokuapp.com/users/1 dyno=web.1 queue=0 wait=0ms service=544ms status=200 bytes=2394 
http://stackoverflow.com/questions/10773897/safari-cant-get-herokus-cookie?answertab=oldest#tab-top solved this problem, but how do you change from a third-party cookie to a first-party cookie?

Answer


The problem was that I was using DNS forwarding with an iframe! That makes the cookie a third-party cookie. If I forward to the actual Heroku address, it solves the problem. Hope my stupidity helps someone else.
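The following is an added illustration, not code from the question, the answer or the Rails Tutorial: a dependency-free Ruby model of why an app framed from another domain logs "Can't verify CSRF token authenticity" and loses its remember_token. Rails keeps the CSRF token in the session cookie and echoes a copy into the form; a browser that blocks third-party cookies (the IE/Safari behaviour hit here) drops the app's cookies when the page is shown inside an iframe on a different host, so the server has nothing to compare the posted token against. The classes Browser and App, the function signin_flow and the framing host www.example.test are all constructed for this example; the only host taken from the page is the some-app-1234.herokuapp.com address in the log.

```ruby
require 'securerandom'

class Browser
  # block_third_party models the IE/Safari default the question ran into.
  def initialize(block_third_party: true)
    @block_third_party = block_third_party
    @jar = Hash.new { |h, k| h[k] = {} }
  end

  # top_host: host in the address bar; cookie_host: host setting/reading the cookie.
  def store(top_host, cookie_host, name, value)
    return false if third_party?(top_host, cookie_host)
    @jar[cookie_host][name] = value
    true
  end

  def cookies_for(top_host, cookie_host)
    return {} if third_party?(top_host, cookie_host)
    @jar[cookie_host]
  end

  private

  def third_party?(top_host, cookie_host)
    @block_third_party && top_host != cookie_host
  end
end

class App
  attr_reader :host, :warnings

  def initialize(host)
    @host = host
    @sessions = {}    # session id => session data (stand-in for the cookie store)
    @warnings = []
  end

  # GET /signin: start a session, keep a CSRF token in it, echo the token in the form.
  def render_signin(browser, top_host)
    sid = SecureRandom.hex(8)
    token = SecureRandom.base64(32)
    @sessions[sid] = { '_csrf_token' => token }
    browser.store(top_host, host, '_app_session', sid)
    { 'authenticity_token' => token }   # what the form will POST back
  end

  # POST /sessions: compare the posted token with the one held in the session.
  # Real Rails 3 only logs the warning and carries on; this model refuses the
  # request so the failure is visible as a return value.
  def create_session(browser, top_host, params)
    sid = browser.cookies_for(top_host, host)['_app_session']
    stored = sid && @sessions.dig(sid, '_csrf_token')
    unless stored && secure_compare(stored, params['authenticity_token'].to_s)
      @warnings << "WARNING: Can't verify CSRF token authenticity"
      return :csrf_unverified
    end
    # Mirrors cookies.permanent[:remember_token] = user.remember_token
    browser.store(top_host, host, 'remember_token', SecureRandom.hex(16))
    :signed_in
  end

  private

  # Constant-time comparison so the token check does not leak timing information.
  def secure_compare(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# Runs the sign-in flow with the app framed from (or opened directly at) top_host.
# Returns [outcome, warnings_logged].
def signin_flow(top_host, app_host: 'some-app-1234.herokuapp.com', block_third_party: true)
  browser = Browser.new(block_third_party: block_third_party)
  app = App.new(app_host)
  form = app.render_signin(browser, top_host)
  [app.create_session(browser, top_host, form), app.warnings]
end

if __FILE__ == $PROGRAM_NAME
  p signin_flow('www.example.test')              # framed via DNS forwarding
  p signin_flow('some-app-1234.herokuapp.com')   # opened at the real Heroku host
end
```

Run the file directly: the framed case returns :csrf_unverified with the warning logged, while opening the app at its real host (or using a browser that accepts third-party cookies) returns :signed_in with no warning, which is exactly the difference the answer describes.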