CookieStore and Session data via POST vars (no cookies)

This might be a solved issue, so I thought I'd ask. I'm trying to use SWFUpload with the cookiestore. I'm passing in the session_id variable through a POST parameter in the upload. I've verified that Flash is sending the POST params (Flash 9).

I thought simply by setting cookie_only to false for that method, I would be able to get that to work. Turned out I had to do a couple of small monkeypatches to CookieStore to get it to work.

The only ticket I found that references this is http://dev.rubyonrails.org/ticket/210 , which is old, old, old but seems to imply that this sort of thing should work. So, my question is whether the fact that the CookieStore doesn't honor the form field is by design?

What is the behavior of CookieStore when :cookie_only=>false?

If this seems broken, I'll submit a ticket and my patches. Or, if I missed something, please let me know. :slight_smile:

Thanks,

Sujal

What is the behavior of CookieStore when :cookie_only=>false?

If this seems broken, I'll submit a ticket and my patches. Or, if I missed something, please let me know. :slight_smile:

The cookie store can't work with cookies disabled, which is what cookie_only=>false is meant to support. I understand that there's a limitation in flash's multi-part posts which needs the session id in the url.

You'll have to use another session store, or not use the session in your upload method, perhaps storing another token of some sort in the URL?

Fair enough. I think of the CookieStore as more of a "Client-side"
session store, but I can see the other perspective and why it might be
more correct. I had the "other token" idea, too, but didn't like it.
I like the idea that everything is marching through the same
authentication path.

Anyway, thanks for the quick response.

Sujal

Do you have a work-around for this problem that I could have? I'd rather stick with CookieStore, and have been looking for a way to pass the cookie to it from a form param in this one case. I haven't found a good way to do this yet.

Thanks.

- Stoney