Hello,

I've recently upgraded from Rails 1.2 to 2.2. When I did this, swfupload broke because 2.2 no longer allows sending session data in query or form parameters - cookies only!

This of course is an issue, because swfupload cannot access the browser's cookies, and therefore will be denied access to the Rails app.

Here's the simplest solution to the problem I could come up with.

1. Create a custom session store. This sounds harder than it is. You just subclass CGI::Session::CookieStore and overrde one method - read_cookie.

2. In the overridden read_cookie method, attempt to use the real cookie if we can. If the real cookie isn't present, see if there is one in the form parameters. If so, use it.

3. That's it.

Here's a link to the custom session store, kookie_store.rb:

http://gist.github.com/55772

Drop this file in you lib directory.

Then, in environment.rb, in the Initializer section, set:

config.action_controller.session_store = :kookie_store

Also, throw a "require "webrick"" in environment.rb or where ever you put your requires (you can put this at the top of kookie_store.rb if you're not sure).

All of the standard disclaimers, e.g. this could open a gaping security hole in your app, apply.

Enjoy!

‹ Spam & reCaptcha SWFUpload v2.2.0.1 Released ›