设计变得疯狂,接受标题为" * / *"

时间:2015-02-12 01:29:52

标签: ruby-on-rails devise

作为经过身份验证的用户,如果我通过外部文本编辑器访问我的应用程序的网址,则mimetype会在控制台中显示为" * / *"和设计似乎重定向到" / sign_in"多次。这是一个问题,因为如果我转到" / foo",这最初存储在会话中作为验证后返回的路径。由于重定向的数量,此值在会话中被吹走,并且在设计终于意识到用户已经登录后,它最终会重定向到" /"。

为了测试,我添加到我的应用程序控制器:

def authenticate_user!
  puts "***** AUTHENTICATE USER CALLED!!!"
  super
end

因此,如果我直接在浏览器中输入网址,则mimetype会显示为HTML,并且会看到我立即进行身份验证,所有内容都按预期呈现:

Started GET "/products/171" for 127.0.0.1 at 2015-02-11 17:04:53 -0800
  ActiveRecord::SchemaMigration Load (0.4ms)  SELECT "schema_migrations".* FROM "schema_migrations"
Processing by LayoutsController#show as HTML
  Parameters: {"id"=>"171"}
***** AUTHENTICATE USER CALLED!!!
  User Load (0.9ms)  SELECT  "users".* FROM "users"  WHERE "users"."id" = 7  ORDER BY "users"."id" ASC LIMIT 1
  Rendered html template within layouts/application (0.1ms)
Completed 200 OK in 1165ms (Views: 1127.7ms | ActiveRecord: 3.0ms)

然而,当我点击外部文本编辑器中的链接时,我会遇到这种疯狂的行为:

Started GET "/products/171" for 127.0.0.1 at 2015-02-11 17:09:43 -0800
Processing by LayoutsController#show as */*
  Parameters: {"id"=>"171"}
***** AUTHENTICATE USER!!!
Completed 401 Unauthorized in 4ms
I18N keys: [:en, :devise, :failure, :user, :unauthenticated]
I18N keys: [:en, :devise, :failure, :unauthenticated]
                 => You need to sign in or sign up before continuing.

Started GET "/sign_in" for 127.0.0.1 at 2015-02-11 17:09:43 -0800
Processing by Devise::SessionsController#new as */*
I18N keys: [:en, :sign_in, :submit_button]
                 => Sign in

I18N keys: [:en, :sign_in, :disabled]
                 => Your account has been disabled.

  Rendered devise/sessions/new.html.haml within layouts/sign_in (6.8ms)

Started GET "/sign_in" for 127.0.0.1 at 2015-02-11 17:09:45 -0800
Processing by Devise::SessionsController#new as HTML
  User Load (0.5ms)  SELECT  "users".* FROM "users"  WHERE "users"."id" = 7  ORDER BY "users"."id" ASC LIMIT 1
I18N keys: [:en, :devise, :failure, :already_authenticated]
                 => You are already signed in.

Redirected to http://localhost:3000/
Filter chain halted as :require_no_authentication rendered or redirected
Completed 302 Found in 5ms (ActiveRecord: 0.5ms)

Started GET "/" for 127.0.0.1 at 2015-02-11 17:09:45 -0800
  User Load (0.4ms)  SELECT  "users".* FROM "users"  WHERE "users"."id" = 7  ORDER BY "users"."id" ASC LIMIT 1
Processing by LayoutsController#show as HTML
***** AUTHENTICATE USER!!!

Completed 200 OK in 244ms (Views: 178.8ms | ActiveRecord: 0.0ms)

注意"重定向到http://localhost:3000/"而不是http://localhost:3000/products/171,这是应该发生的事情。

为什么* / *会导致此行为,我该如何解决此问题?

更新

显然问题是,我在直接访问Chrome网址栏和点击外部文本编辑器中的链接之间会有完全不同的会话(即使文本编辑器只是打开一个新选项卡)带有该网址的chrome):

在外部文本编辑器中单击链接后,从

request.cookies => {"_my_app_session"=>"f32dc5c239fadfc494a775990112f2b5"}

将url直接放入chrome:

request.cookies => {"_my_app_session"=>"91ac136666b78499ea6e071f89cec7ee"}

这个世界怎么可能?它是相同的浏览器..我认为浏览器中的所有标签都有相同的会话,你无法改变它吗?

1 个答案:

答案 0 :(得分:2)

我弄清楚这里发生了什么...... Microsoft Word是有问题的“外部编辑器”,显然它在内部访问url之前将其推送到您的操作系统默认浏览器。我猜他们正在监视他们的用户,以便在发送到浏览器之前查看他们的去向以及该网站的响应。这就是会议不同的原因......