I have an app setup where each user belongs to a company, and that company has a subdomain (I am using basecamp style subdomains). The problem that I am facing is that rails is creating multiple cookies (one for lvh.me and another for subdomain.lvh.me) which is causing quite a few breaks in my application(such as flash messages being persistent though out all requests once signed in).
I have this in my /cofig/initilizers/session_store.rb file:
AppName::Application.config.session_store :cookie_store, key: '_application_devise_session', domain: :all
The domain: :all seems to be the standard answer I found on Google, but that doesn't seem to be working for me. Any help is appreciated!
If you want to share cookies across subdomains, but leave out other subdomains, you should explicitly state which subdomains you want to read them, setting a new cookie for each, rather than using wildcards.
no cookie is treated as a 3rd party cookie. Seems to have worked, so ASP.NET session cookies on different subdomains still count as first party. A cookie set on a website that is loaded in an iframe of a different website is considered to be a third party cookie to the parent website.
The tld_length parameter is used in splitting HOST into domain and subdomain components. Unfortunately, @@tld_length is used in other functions, so to be thread safe you would have to find and rewrite all those functions as well as provide thread-local storage.
As it turns outs 'domain: all' creates a cookie for all the different subdomains that are visited during that session (and it ensures that they are passed around between request). If no domain argument is passed, it means that a new cookie is created for every different domain that is visited in the same session and the old one gets discarded. What I needed was a single cookie that is persistent throughout the session, even when the domain changes. Hence, passing domain: "lvh.me"
solved the problem in development. This creates a single cookie that stays there between different subdomains.
For anyone needing further explanation, this is a great link: http://excid3.com/blog/sharing-a-devise-user-session-across-subdomains-with-rails-3/
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With