Problem with reset session cookies causing session sharing in an unstable network

I was wondering if anyone might help me with a peculiar problem. We
are having a problem with our network that is resulting in, say, UserA
getting UserB’s response, resulting in his session cookie being reset
and two users sharing the same session, UserB’s. Not good I know.
Question: Why does Rails pass the session cookie in every response
and is it possible to turn that off? Any pointers to where to look in
the code, or a better place to ask the question, are appreciated

On Feb 3, 10:01am, Jemmaniam [email protected] wrote:

I was wondering if anyone might help me with a peculiar problem. We
are having a problem with our network that is resulting in, say, UserA
getting UserB’s response, resulting in his session cookie being reset
and two users sharing the same session, UserB’s. Not good I know.
Question: Why does Rails pass the session cookie in every response
and is it possible to turn that off?

That’s pretty much how cookies work, so I doubt there’s going to be a
way to switch it off. I’d recommend you figure out what’s gone wrong
to cause users to get replies to requests they didn’t make, as it
seems to indicate some pretty severe problems at the TCP level…

–Matt J.