Sessions or Hidden fields?

In my application I need to track user’s application state such as in
which city or category he/she is in and based on that i need to perform
a search.

I have 3 options. Use cookies, use sessions or use hidden fields.

Which one is the best choice in terms of performance and security. The
data being passed is not sensitive, they just query parameters.

Any ideas?

Rails L. wrote:

In my application I need to track user’s application state such as in
which city or category he/she is in and based on that i need to perform
a search.

I have 3 options. Use cookies, use sessions or use hidden fields.

Think of hidden fields as a shortcut to populate a
params[:model][:field], so
the params[:model] is convenient to use.

Which one is the best choice in terms of performance and security. The
data being passed is not sensitive, they just query parameters.

Use a session, because a session is a cookie, and abusing the cookie
system
with extra data is tacky - unless the cookie should last a while.

Also consider using the database - this user’s favorite city. The
database is
there to write stuff in, sometimes even if you might consider that stuff
very minor.


Phlip

you can specify the active_record store for the session so it is not
stored as a cookie on the user’s browser, but on the sessions table in
your database.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs