{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 虎瘦雄心在 的问题《How can I implement cookieless flash messages on R》','https://www.manongdao.com/q-677300.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm developing a facebook app so I can't rely on cookies due to P3P (Privacy Preferences Project) and yep, it's a damn pain (see slides 18 and 19 on this slideshare about Rails and Facebook apps for a picture of it)...
In a facebook app every cookie, from browsers perspective, is a third-party cookie. And many browsers block them by default.
So my question is: How can I implement flash messages without rely on cookies?
UPDATE:
I modified session_store.rb and the DB accordingly. Now the sessions are stored on DB but the flash messages are still relying on cookies... Any idea please?
UPDATE#2:
I finally found a workaround, see my answer below. Best thing to do would be to ajax everything (according to the above-linked slideshare) but as a quick fix my solution should work.
Flash messages are built on top of the session. So you could still rely on the flash if you change the session store to use the database. This can be easily done by editing
config/initializers/session_store.rband following the instructions on that file.Here's more information on the topic: Action Controller Overview -> Session
I finally found a workaround implementing my own (simple) flash messages and passing them through the params from one request to another.
First of all, I overwritten
default_url_optionsinapplication_controller.rbto append to every request a :my_flash param:Then, always in
application_controller.rb, I wrote amy_flash_from_paramsbefore_filter to set the@my_flashvariable:Finally I rendered the following
_my_flash.html.erbpartial inapplication.html.erbCalling:
If you want to try this solution see also this answer about default_url_options rewriting.