Object
Cookies are read and written through ActionController#cookies.
The cookies being read are the ones received along with the request, the cookies being written will be sent out with the response. Reading a cookie does not get the cookie object itself back, just the value it holds.
Examples for writing:
# Sets a simple session cookie. cookies[:user_name] = "david" # Sets a cookie that expires in 1 hour. cookies[:login] = { :value => "XJ-122", :expires => 1.hour.from_now } # Sets a signed cookie, which prevents a user from tampering with its value. # You must specify a value in ActionController::Base.cookie_verifier_secret. cookies.signed[:remember_me] = [current_user.id, current_user.salt] # Sets a "permanent" cookie (which expires in 20 years from now). cookies.permanent[:login] = "XJ-122" # You can also chain these methods: cookies.permanent.signed[:login] = "XJ-122"
Examples for reading:
cookies[:user_name] # => "david" cookies.size # => 2
Example for deleting:
cookies.delete :user_name
Please note that if you specify a :domain when setting a cookie, you must also specify the domain when deleting the cookie:
cookies[:key] = { :value => 'a yummy cookie', :expires => 1.year.from_now, :domain => 'domain.com' } cookies.delete(:key, :domain => 'domain.com')
The option symbols for setting cookies are:
:value - The cookie’s value or list of values (as an array).
:path - The path for which this cookie applies. Defaults to the root of the application.
:domain - The domain for which this cookie applies so you can restrict to the domain level. If you use a schema like www.example.com and want to share session with user.example.com set :domain to :all. Make sure to specify the :domain option with :all again when deleting keys.
:domain => nil # Does not sets cookie domain. (default) :domain => :all # Allow the cookie for the top most level domain and subdomains.
:expires - The time at which this cookie expires, as a Time object.
:secure - Whether this cookie is a only transmitted to HTTPS servers. Default is false.
:httponly - Whether this cookie is accessible via scripting or only HTTP. Defaults to false.
# File lib/action_dispatch/middleware/cookies.rb, line 286 286: def call(env) 287: status, headers, body = @app.call(env) 288: 289: if cookie_jar = env['action_dispatch.cookies'] 290: cookie_jar.write(headers) 291: if headers[HTTP_HEADER].respond_to?(:join) 292: headers[HTTP_HEADER] = headers[HTTP_HEADER].join("\n") 293: end 294: end 295: 296: [status, headers, body] 297: end
Disabled; run with --debug to generate this.
Generated with the Darkfish Rdoc Generator 1.1.6.