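Why does Rails change the Set-Cookie header on every request of the same session

Time: 2016-12-02 19:28:51

Tags: ruby-on-rails ruby session cookies rack

I am using Rails 4 with the cookie-based session store, and I found that Rails 4 gives me a different cookie every time I refresh the page, yet it still recognizes me.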

Compare this with another Rack app, which only sends Rack::Session::Cookie for the first request, until some changes are made to the session data.

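Why are they designed differently? Is there a reason behind it?

2 answers:

Answer 0: (score: 1)

This is because of the way Rails handles session storage and cookie encryption: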

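  1. the default session store will try to write the session data to an encrypted cookie on any request that has accessed the session (either to read from it or to write to it),
  2. the encrypted value changes even when the plain text value hasn't,
  3. the encryption happens before it reaches the code responsible for checking whether the cookie value has changed in order to avoid redundant Set-Cookie headers.

I go into more detail in my answer to this question: Why is rails constantly sending back a Set-Cookie header?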

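Answer 1: (score: 0)

Rails cookie_store uses EncryptedKeyRotatingCookieJar by default and generates the crypto_and_sign value. That value uses the MessageEncryptor#_encrypt method, which uses a random IV (cipher.random_iv). So the same value produces a different crypto_and_sign result every time.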
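
The behaviour both answers describe, as an added Ruby sketch using only the standard library (not Rails or Rack code): a fresh random IV makes every sealed cookie differ, so a "has the cookie changed?" check made after encryption always re-sends Set-Cookie, while a check on the decrypted session data does not. The helper names, the demo key and the choice of AES-256-GCM are assumptions made for this example.

```ruby
require "openssl"
require "json"

# Constructed demo key; a real app derives its key from its own secret.
KEY = OpenSSL::Digest::SHA256.digest("constructed demo secret")

# Encrypt the session with a fresh random IV on every call.
def seal(session)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = KEY
  iv = cipher.random_iv
  data = cipher.update(JSON.generate(session)) + cipher.final
  [data, iv, cipher.auth_tag].map { |part| [part].pack("m0") }.join("--")
end

# Decrypt and authenticate; a malformed or tampered cookie yields nil.
def unseal(cookie)
  data, iv, tag = cookie.split("--").map { |part| part.unpack1("m0") }
  return nil unless data && iv && tag
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = KEY
  cipher.iv = iv
  cipher.auth_tag = tag
  JSON.parse(cipher.update(data) + cipher.final)
rescue OpenSSL::Cipher::CipherError, ArgumentError
  nil
end

# Change check done after encryption: the ciphertext never matches the
# request cookie, so a Set-Cookie value is returned on every request.
def set_cookie_comparing_ciphertext(request_cookie, session)
  fresh = seal(session)
  fresh == request_cookie ? nil : fresh
end

# Change check done on the plaintext: returns nil (no Set-Cookie) while the
# session data is unchanged, and re-issues on change or on a bad cookie.
def set_cookie_comparing_plaintext(request_cookie, session)
  return seal(session) if request_cookie.nil?
  unseal(request_cookie) == session ? nil : seal(session)
end

if __FILE__ == $PROGRAM_NAME
  session = { "user_id" => 42 } # constructed sample session
  cookie = seal(session)
  puts "after-encryption check resends: #{!set_cookie_comparing_ciphertext(cookie, session).nil?}"
  puts "plaintext check resends:        #{!set_cookie_comparing_plaintext(cookie, session).nil?}"
end
```

Both cookies decrypt to the same session, which is why the server still recognizes the browser even though the header value differs on each response.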