Pet*_*ich 4 cookies session httponly ruby-on-rails
我正试图关闭httponly以用于phonegap.我正在使用rails 3.1和devise,每个都报告了(但没有记录)这样做的方法,其中没有一个工作:
# application.rb
config.session_options = { :httponly => false } # no effect
config.session = { :httponly => false } # undefined method `session='
# devise.rb
config.cookie_options = { :httponly => false } # also no effect
测试我重新启动服务器,删除现有的cookie,并重新加载页面.仍然在chrome调试器中检查了"Http"列.
救命!
这个小片段似乎有用:
Testapp::Application.config.session_store :cookie_store, key: '_testapp_session', :domain => :all, :httponly => false