Trantor Liu
Reputation: 9146
Rails - how to delete duplicate cookies across subdomains?
Since I wanted to start supporting cross subdomain logins on my website. So I changed my session store config from
MyApp::Application.config.session_store :cookie_store,
key: '_my_app_session'
to
MyApp::Application.config.session_store :cookie_store,
key: '_my_app_session',
domain: '.local.host', # I'm using *.local.host for 127.0.0.1
tld_length: 2
After that, uses got 2 cookies with same name as list below, which caused uses could be logged out. I was using Devise, and it only delete _my_app_session under .local.host. So the user was kept signed in.
Name Value Domain
_my_app_session abc www.local.host
_my_app_session xyz .local.host
How can I delete both of the cookies?
Upvotes: 3
Views: 926
Answers (1)
Alexander S.
Reputation: 357
Just figured out sidekiq/web is causing this to us.
Our app is running on a subdomain and we have sessions configured to be shared across all subdomains so the cookie is created for .domain.com. But every time I access /sidekiq a new session is created for sub.domain.com.
To fix this in routes.rb I had to do this:
Sidekiq::Web.set :sessions, { domain: ".domain.com" }
mount Sidekiq::Web => '/sidekiq'
Upvotes: 2
Related Questions
- Share session (cookies) between subdomains in Rails?
- Deleting Rails 3 subdomain cookies
- Access session across subdomains (Rails 4)
- Share one single cookie through subdomains
- RAILS/DEVISE - Setting a devise cookie to persist across different subdomains
- Authentication with subdomain cookie allows easy access to other subdomains
- Rails: how can I share permanent cookies across multiple subdomains?
- Rails, Subdomain based cookies
- Delete Session Cookies Across Multiple Subdomains in Rails 3
- Copying cookies from main domain to subdomain