tld_length | Ruby Gem to handle subdomains | Application Framework library
kandi X-RAY | tld_length Summary
kandi X-RAY | tld_length Summary
A Ruby Gem to handle subdomains on xip.io / nip.io domains using a rack middleware
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of tld_length
tld_length Key Features
tld_length Examples and Code Snippets
Community Discussions
Trending Discussions on tld_length
QUESTION
I'm trying to share a Devise session cookie for authentication purposes between two Rails apps on the same TLD but living on different subdomains. One app is v4.2.11.1, and the other is v6.0.3.2. I want to login on the Rails 4 app, and access the authenticated user info in the Rails 6 app. The session cookie is set fine when logging in on the Rails 4 app, but it seems to get completely wiped out/reset when trying to access it in the Rails 6 app.
- The session store cookie domain is set correctly for both apps, e.g.
.example.com. - The session store
tld_lengthis set to2in both apps. - The cookies serializer is set to
:marshalin both apps. - I'm using the same
secret_key_basein both apps. In the Rails 4 app, it is set via theENV['SECRET_KEY_BASE']env var. In the Rails 6 app, it's set via Rails credentials, e.g.config/credentials/.yml.enc. Devise.secret_keyis the same in both apps.- I'm using the same Devise gem version and initializers in both apps.
ANSWER
Answered 2020-Aug-26 at 21:49There might be other things going on in your specific case, but it is worth nothing that there have been two backward-incompatible changes to session cookies since Rails 4 that you'll need to look at.
- There was a change in Rails 5.2 to embed expiry information into encrypted cookies. From the upgrade guide:
To improve security, Rails now embeds the expiry information also in encrypted or signed cookies value.
This new embed information make those cookies incompatible with versions of Rails older than 5.2.
If you require your cookies to be read by 5.1 and older, or you are still validating your 5.2 deploy and want to allow you to rollback set
Rails.application.config.action_dispatch.use_authenticated_cookie_encryptiontofalse.
- Rails 6.0 has a change to embed purpose in encrypted cookies. From the upgrade guide:
To improve security, Rails embeds the purpose information in encrypted or signed cookies value. Rails can then thwart attacks that attempt to copy the signed/encrypted value of a cookie and use it as the value of another cookie.
This new embed information make those cookies incompatible with versions of Rails older than 6.0.
If you require your cookies to be read by Rails 5.2 and older, or you are still validating your 6.0 deploy and want to be able to rollback set
Rails.application.config.action_dispatch.use_cookies_with_metadatatofalse.
QUESTION
I am setting up React SPA (www.mysite.com) and Rails API (api.mysite.com) app. When I use same URL name everything works as expected, however when URL names are different, the web browser is not setting site cookie. With cookies missing, CSRF validation also fails of course. So for example if SPA App runs on localhost and Rails API App on localhost:3000 all good, the problem is only when I use the intended DNS names.
Sounds like a CORS problem but I can’t find where for many days now…
Here is my config:
Rails side I am using rack-cors ruby gem
...config/initializers/cors.rb
ANSWER
Answered 2020-Apr-09 at 15:01I've been looking into this and I think this may be relevant to what you're seeing:
Share cookie between subdomain and domain
Apparently if you don't specify a domain in the set-cookie header, the cookie is considered "host only". So you might have to have it look like:
QUESTION
I've got a problem with proxying of subdomain's name from nginx to rails server. In my rails app I have links like tenant1.localhost:3000, tenant2.localhost:3000, etc. and it works fine. On production I use Nginx + Puma and nginx doesn't proxy to puma any request if I open link with subdomain.
nginx.conf
...ANSWER
Answered 2017-Nov-10 at 10:37A domain in nginx.conf has to be specific instead of localhost.
QUESTION
I have a subdomain:
...ANSWER
Answered 2017-May-07 at 12:50After trying alot of combinations it turned out that I had to include ssl setting in my nginx file and didn't need to change session_store.rb at all.
I had added following line in my nginx file and everything seemed to be working fine.
QUESTION
I’ve setup a Rails 5 application with Apartment (1.2.0) and Devise (4.2.0). Due to some DDNS issues there is the constraint that the app is only reachable under app.myapp.com (note the subdomain app). myapp.com redirects to app.myapp.com.
My use case is that every user (tenant) signed up to the app should access their specific data through their subdomain (e.g. tenant.myapp.com). The users should not be scoped to their subdomain. Basically it should be possible to sign in from any subdomain. Redirection to the correct subdomain for the tenant is handled by ApplicationController. As per Devise standard the login page is found at app.myapp.com/users/sign_in. That’s where the problems start:
The user cannot login because of ”email or password incorrect“ error.
In development I played around a bit. Signing in from lvh.me works perfectly well. The user is logged in and is redirected to their subdomain. Trying the same with app.lvh.me leads to the afore mentioned problem.
I’ve set the session store to:
...ANSWER
Answered 2017-Feb-26 at 12:50One can configure the apartment to exclude certain models from multi-tenancy.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install tld_length
On a UNIX-like operating system, using your system’s package manager is easiest. However, the packaged Ruby version may not be the newest one. There is also an installer for Windows. Managers help you to switch between multiple Ruby versions on your system. Installers can be used to install a specific or multiple Ruby versions. Please refer ruby-lang.org for more information.
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
