This repository is private.
All pages are served over SSL and all pushing and pulling is done over SSH.
No one may fork, clone, or view it unless they are added as a member.
Every repository with this icon (
) is private.
Every repository with this icon (
) is private.
This repository is public.
Anyone may fork, clone, or view it.
Every repository with this icon () is public.
Every repository with this icon (
) is public.
| name | age | message | |
|---|---|---|---|
 |
MIT-LICENSE | Mon May 12 18:49:18 -0700 2008 | [danhodos] |
| |
README | Mon May 12 18:49:18 -0700 2008 | [danhodos] |
| |
Rakefile | Mon May 12 18:49:18 -0700 2008 | [danhodos] |
| |
init.rb | Mon May 12 18:49:18 -0700 2008 | [danhodos] |
| |
install.rb | Mon May 12 18:49:18 -0700 2008 | [danhodos] |
 |
lib/ | Mon May 12 19:21:49 -0700 2008 | [danhodos] |
| |
tasks/ | Mon May 12 18:49:18 -0700 2008 | [danhodos] |
| |
test/ | Mon May 12 19:21:49 -0700 2008 | [danhodos] |
| |
uninstall.rb | Mon May 12 18:49:18 -0700 2008 | [danhodos] |
README
SessionConsistency
==================
Ensures session consistency by checking the user_agent and/or remote_ip before each request. If either of these have
changed between requests, the filter chain is halted and a '0' HTTP status code is returned.
Base usage:
class ApplicationController
verify_session_consistency
end
You can also specify :except and :only options, just like with a before filter:
class ApplicationController
verify_session_consistency :only => :index
end
Perhaps most usefully, you can specify a :redirect option, which takes the same parameters as redirect_to, like so:
class ApplicationController
verify_session_consistency :redirect => { :action => 'logout' }
end
Finally, you can modify what the consistency check is based on (by default it is both user_agent and remote_ip) like so:
class ApplicationController
verify_session_consistency :based_on => :user_agent
end
Copyright (c) 2007 Dan Hodos, released under the MIT license