Cross-Domain Sessions with Ruby on Rails

January 09, 2014

450

Cross-Domain Sessions with Ruby on Rails

So, how does one write a Rails 4 session store?

Lukas Fittl

January 09, 2014

More Decks by Lukas Fittl

See All by Lukas Fittl

How to Scale Postgres - Automation, Tuning & Sharding

0

680

What's Missing for Postgres Monitoring

0

280

A Map For Monitoring PostgreSQL

2

400

Monitoring Postgres at Scale

1

470

Monitoring PostgreSQL at Scale

4

280

Postgres Performance for App Developers

2

320

GraphQL ❤ PostgreSQL -- P.S. aka BeatQL

1

630

Hacking PostgreSQL to Gain SQL Parsing Superpowers

1

620

PostgreSQL at a Web Startup

3

610

Other Decks in Programming

See All in Programming

車輪の再発明をしよう！PHP で実装して学ぶ、Web サーバーの仕組みと HTTP の正体

2

490

RSAが破られる前に知っておきたい耐量子計算機暗号(PQC)入門 / Intro to PQC: Preparing for the Post-RSA Era

3

120

仕様漏れ実装漏れをなくすトレーサビリティAI基盤のご紹介

PRO

8

4.3k

生成 AI 時代のスナップショットテストってやつを見せてあげますよ（α版）

0

340

forteeの改修から振り返るPHPerKaigi 2026

PRO

3

190

SkillがSkillを生む：QA観点出しを自動化した

2

2k

ポーリング処理廃止によるイベント駆動アーキテクチャへの移行

3

1.3k

AI時代のシステム設計：ドメインモデルで変更しやすさを守る設計戦略

PRO

7

1.2k

Rethinking API Platform Filters

0

6.5k

我々はなぜ「層」を分けるのか〜「関心の分離」と「抽象化」で手に入れる変更に強いシンプルな設計〜 #phperkaigi / PHPerKaigi 2026

2

770

Symfonyの特性(設計思想)を手軽に活かす特性(trait)

0

120

AI 開発合宿を通して得た学び

PRO

0

200

Featured

See All Featured

Building Applications with DynamoDB

96

7k

How to train your dragon (web standard)

97

6.6k

[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails

38

2.8k

End of SEO as We Know It (SMX Advanced Version)

3

4.1k

Ten Tips & Tricks for a 🌱 transition

0

95

How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL

1

2k

How STYLIGHT went responsive

100

6k

Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End

254

22k

Utilizing Notion as your number one productivity tool

4

280

Building a Modern Day  E-commerce SEO Strategy

45

9k

StorybookのUI Testing Handbookを読んだ

31

6.7k

Tell your own story through comics

1

880

Transcript

@LukasFittl Cross-Domain Sessions So, how does one write a Rails
4 session store?
Biz + UX + Dev @LukasFittl
So, 7 years ago we started this company: commit 2086c55b13426c2834f7060ad3739eed68e891c2
Author: Esad Hajdarevic <[email protected]> Date: Sun Mar 25 22:47:30 2007 +0000 ! Initial tags+trunk creation git-svn-id: svn://svn.phoria.eu/soup/trunk@1 c0834aa2-9929-0410-9117-c50b2a7daf23
Its still around :) ! But it runs Rails 2.3.
100+ hours later we’re (almost) on Rails 4.
Soooo... Sessions.
www.soup.io = Login/Logout/etc
mysoup.io = Soup Admin, Create Posts, etc
How can we make that work?
First thought: <iframe>
Actually, thats pretty painful.
What we ended up doing: www.soup.io mysoup.io Memcached / Redis
SESSION_ID REMOTE_SESSION_ID
Getting a REMOTE_SESSION_ID: http://mysoup.io/  => http://soup.io/remote/generate?host=mysoup.io  (requested with main session
cookie YYY) ! => http://mysoup.io/?sessid=ZZZ SetCookie: soup_session_id=ZZZ ! => http://mysoup.io/ ! remote_session_link_ZZZ => mysoup.io--YYY Memcached / Redis
Lets look at the code :)
@LukasFittl Thank you! pganalyze.com