Forum: Ruby on Rails redirect_to(session[:return_to]) vs session.delete

Hey all,

Recently I've been looking into on how to return back to a previous
referring URL and and the most common approach is:

redirect_to session[:return_to]


But some recommend:

redirect_to(session.delete(:return_to) || default)


How I understand it, in the second example we call session.delete so it
will clear the return path since we will no longer need it, and we also 
use
|| to fall back to default URL in case the session is nil. Kind of makes
sense, but what I am trying to understand is (and I couldn't find it
anywhere explained) what are the implications of -not- using
session.delete, how is it better, is it a security thing? And also 
falling
back to default, in what cases can a session be nil? If there are other
checks present (I am using Devise) should this be necessary?

Hope my questions make sense. Thank you.

On Thu, Jan 17, 2013 at 7:37 PM, Alex M <zapper@gmail.com> wrote:
> but what I am trying to understand is (and I couldn't find it anywhere
> explained) what are the implications of -not- using session.delete, how is
> it better, is it a security thing? And also falling back to default, in what
> cases can a session be nil? If there are other checks present (I am using
> Devise) should this be necessary?
>
> Hope my questions make sense. Thank you.

If you are on Rails 3 use redirect_to(:back)... if you are not then
the only real implication is having trash hanging around in your
cookie storage (if you use cookie storage.) for db storage it's meh on
the space used because it's most of the time trivial but it still
leaves a dirty session.  So at the end of the day it depends on how
thorough of a programmer you want to be.