Session is being shared between tabs!?

I have just spotted quite a serious problem with my rails app. My app
uses the session to store information. Most people who use the app may
have more than one instance of it open in their browser (multiple tabs).

The session stores which country the user has selected. On each browser
tab the user may select a different country. You can add items to a
country. There are problems with items being added to the wrong
country. This is because the session is shared between the 2 open tabs.

Does anyone know how to get round this? I know I could store country
info in the page as a hidden field or attach it to the end of every
URL, but in my situation this is too much extra work. It would be
unfortunate if I could not use sessions to do this.

I have also just noted a similar problem with one of my J2EE apps…

Any info/help would be very valuable,

Thanks
Chris

I have just spotted quite a serious problem with my rails app. My app
uses the session to store information. Most people who use the app may
have more than one instance of it open in their browser (multiple tabs).

This is a browser feature - nothing to do with the web app. Sessions
use cookies to identify the user - browser tabs share cookies. It’s the
same if you open a browser window via another.

In the grand scheme of things, it’s not really a problem. Why would you
use 2 browser tabs to do the same thing on a site?

Steve

Thanks Steve

My App is scientific software used in my company, and there is good
reason why the users would want to run 2 instances of the site.

What would you suggest I do? What is the easiest solution?

Thanks
Chris

Rimantas L. wrote:

My App is scientific software used in my company, and there is good
reason why the users would want to run 2 instances of the site.

And the reason is?

There are plenty of good reasons, here are some:

  1. The software is sometimes used in a busy lab environment where many
    people will use one computer. Each person will want his/her own instance
    of the application on the same machine.
  2. There are complex-graphs and statistics for compounds. If a user is
    working on compounds they would want 2 screens showing the info.
    • some others

My App is scientific software used in my company, and there is good
reason why the users would want to run 2 instances of the site.

And the reason is?

Regards,
Rimantas

http://rimantas.com/

BIG HAIRY BOLLOX

“Chris” [email protected] wrote in
message news:[email protected]

info in the page as a hidden field or attatch it to the end of every

Posted via http://www.ruby-forum.com/.

Each tab is still part of the same browser instance so unless you can
modify that behaviour in the browser, your session data will always be
shared. I can’t think of any way round it. I think your solution of
moving the data out of the session is the best option.

You’re asking a question about intrinsic web architecture. Since the
web is stateless, there are 3 ways to keep session state between
subsequent requests:

  1. Cookies (the Rails default), which applies for all tabs in a
    browser (which is normally a feature, when used for things like
    authentication and shopping carts).
  2. Info in the URL (either opaque, like the Amazon id number, or
    non-opaque, like beginning the URL of the English version of the
    site with /en/)
  3. Hidden fields. This only works if every request to the server is
    a POST not a GET, or else the hidden fields will not be transmitted.

So, I would recommend 2. If you just need to keep track of a couple
of variables, routes should make it very easy to do:

http://manuals.rubyonrails.com/read/chapter/65

For example, if you’re going to change every URL on your site, you
could do:

    map.connect ':country/:controller/:action/:id'

        - dan


Dan K. mailto:[email protected]
http://www.dankohn.com/ tel:+1-415-233-1000

On Jul 18, 2006, at 5:41 AM, Chris wrote:

country. This is because the session is shared between the 2 open
Any info/help would be very valuable,

From a cursory glance, it appears you will have to put the session
info on the URL path.

"So, I would recommend 2. If you just need to keep track of a couple
of variables, routes should make it very easy to do:

http://manuals.rubyonrails.com/read/chapter/65

For example, if you’re going to change every URL on your site, you
could do:

map.connect ':country/:controller/:action/:id'"

So you’re saying routes can keep hold of variables? Sorry I don’t
understand what you mean

Essentially, yes. If you use that route with the URL
http://example.com/us/recipes/edit/3 then params[:country] will equal “us”.

        - dan


Dan K. mailto:[email protected]
http://www.dankohn.com/ tel:+1-415-233-1000

“Chris” [email protected] wrote in
message news:[email protected]

BIG HAIRY BOLLOX

meaning… ?

On 7/18/06, Alan B. [email protected] wrote:

“Chris” [email protected] wrote in
message news:[email protected]

BIG HAIRY BOLLOX

meaning… ?

Loosely translated I think it means “I wish I had learned something
about HTTP and browsers before developing this web application.”

map.connect ':country/:controller/:action/:id'"

So you’re saying routes can keep hold of variables? Sorry I don’t
understand what you mean

You could also override url_for to pass a session key around. Something
like (untested):

    def url_for(options = {}, *parameters_for_method_reference) #:doc:
      case options
      when String then options
      when Symbol then send(options, *parameters_for_method_reference)
      when Hash
        # Carry the current request's :s value into every generated link
        @url.rewrite(rewrite_options({:s=>params[:s]}.merge(options)))
      end
    end

Then if there is an ‘s’ param in the URL it will be appended to all
links.
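
One way the server side of this override could work, as an added example that is not part of the original post: the `s` value carried in every link selects a per-tab slot inside the user's own cookie session. The helper names, the key format and the `MAX_TABS` cap are assumptions.

```ruby
require 'securerandom'

# Added illustration; names, key format and cap are assumptions, not from the post.
TAB_KEY  = /\A[0-9a-f]{16}\z/   # shape of the value carried in the "s" parameter
MAX_TABS = 8                    # cap so a client cannot grow the session without bound

# Key for a newly opened tab, issued by the server.
def new_tab_key
  SecureRandom.hex(8)
end

# State hash for the tab named by params[:s], or nil if the key is malformed or
# the cap is reached. The key only picks a slot inside the caller's own cookie
# session, so knowing someone else's "s" value gives no access to their data.
def tab_state(session, params)
  key = params[:s].to_s
  return nil unless key.match?(TAB_KEY)
  tabs = (session[:tabs] ||= {})
  return nil if !tabs.key?(key) && tabs.size >= MAX_TABS
  tabs[key] ||= {}
end

# What the url_for override does to a Hash of options: carry "s" into every link.
def link_options(params, options = {})
  { s: params[:s] }.merge(options)
end

def demo
  session = {}                              # one cookie session, shared by both tabs
  tab1 = { s: new_tab_key }
  tab2 = { s: new_tab_key }
  tab_state(session, tab1)[:country] = 'us'
  tab_state(session, tab2)[:country] = 'de'
  [tab_state(session, tab1)[:country], tab_state(session, tab2)[:country]]
end

p demo if $PROGRAM_NAME == __FILE__
```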

I shot milk out of my nose! ARGH!!!

Chris wrote:

Rimantas L. wrote:

My App is scientific software used in my company, and there is good
reason why the users would want to run 2 instances of the site.

And the reason is?

There are plenty of good reasons, here are some:

  1. The software is sometimes used in a busy lab environment where many
    people will use one computer. Each person will want his/her own instance
    of the application on the same machine.

They only have a single user account? If they have different accounts,
then this isn’t a problem. For that matter, with a Mozilla browser each
user could open a separate instance of the browser with their own
profile in a single login.

  2. There are complex-graphs and statistics for compounds. If a user is
    working on compounds they would want 2 screens showing the info.

There isn’t any problem with your users having two different screens
open. The only problem is that you are storing information in the
session that isn’t specific to the session. Don’t do that and you
shouldn’t have a problem.

How? You mentioned country in your original question, so use that as an
example. Just pass the country as a parameter to each page, and have
each page use that parameter instead of the session parameter. You can
do this with either gets or posts. You have to look up the parameter
anyway, you just can’t look it up where it is going to be overwritten by
user activity.

Ray
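
The route and per-request parameter advice in this thread, as an added example that is not code from any poster: a minimal matcher for the `:country/:controller/:action/:id` pattern, shown beside the shared-session behaviour it replaces. The allowlist, the store and the helper names are hypothetical; the allowlist check is there because the country now arrives from the client on every request.

```ruby
# Added illustration; every name below is hypothetical, the data is constructed.
ROUTE = ':country/:controller/:action/:id'
ALLOWED_COUNTRIES = %w[us de jp].freeze

# Match a path against the route pattern and return a params hash (nil if no match).
def recognize(path, route = ROUTE)
  keys  = route.split('/')
  parts = path.sub(%r{\A/}, '').split('/')
  return nil unless keys.length == parts.length
  keys.zip(parts).to_h { |k, v| [k.delete_prefix(':').to_sym, v] }
end

# The country is client-supplied on every request, so check it against the known set.
def country_from(params)
  country = params && params[:country]
  ALLOWED_COUNTRIES.include?(country) ? country : nil
end

# Before: every tab sends the same cookie, so all tabs share this one hash.
def add_item_via_session(session, store, item)
  (store[session[:country]] ||= []) << item
end

# After: each request names its own country in the URL.
def add_item_via_url(path, store, item)
  country = country_from(recognize(path))
  return false unless country
  (store[country] ||= []) << item
  true
end

def demo
  session = {}
  before = {}
  session[:country] = 'us'                             # tab 1 selects us
  session[:country] = 'de'                             # tab 2 selects de, same cookie
  add_item_via_session(session, before, 'compound-A')  # tab 1 submits its form
  after = {}
  add_item_via_url('/us/items/create/1', after, 'compound-A')             # tab 1
  add_item_via_url('/de/items/create/2', after, 'compound-B')             # tab 2
  rejected = !add_item_via_url('/zz/items/create/3', after, 'compound-C') # unknown country
  { before: before, after: after, rejected: rejected }
end

p demo if $PROGRAM_NAME == __FILE__
```

In `before`, the item submitted from tab 1 lands under `de` because tab 2 overwrote the shared session value; in `after`, each item lands under the country named in its own URL.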