8

I thought they were stored in cookies - but no, cookies inspecting gives me nothing. Sessions do not store them either. So, where I can find them?

I need this to set them directly (not through flash hash).

lulalala
  • 17,572
  • 15
  • 110
  • 169
fl00r
  • 82,987
  • 33
  • 217
  • 237
  • 1
    You need to set them but without using the flash var. Does this even make sense? Just asking to understand what you want to achieve. – pdu Sep 07 '11 at 09:06
  • If they were stored in cookies I would set them directly: `cookies[:flash][:notice] = "Hello World!"`. But they are stored somewhere else. So the question is: where are they stored :) – fl00r Sep 07 '11 at 09:09
  • From railsguides : The flash is a 'special part of the session' which is cleared with each request. and also All session stores use a cookie to store a unique ID for each session (you must use a cookie, Rails will not allow you to pass the session ID in the URL as this is less secure). I think if we are using cookieStore to store session data only then flash will be store in cookies . Generally we use cookieStore only, so I think flash message should be somewhere in cookie[:session]. Well I am newbie in rails. correct me if I am wrong. – rtcoms Sep 07 '11 at 09:20

3 Answers3

11

They are stored in your session store. The default since rails 2.0 is the cookie store, but check in config/initializers/session_store.rb to check if you're using something other than the default.

Benoit Garret
  • 14,027
  • 4
  • 59
  • 64
3

According to APIdock : ActionController/Flash, it is stored in a session.

Note that if sessions are disabled only flash.now will work.

When using flash.now, your values are not available in the next request.

pdu
  • 10,295
  • 4
  • 58
  • 95
  • I belive you meant to link to http://apidock.com/rails/ActionDispatch/Request/flash, `ActionController::Flash` only exists in rails 1.0. – Benoit Garret Sep 07 '11 at 09:16
0

I was looking for a more detailed answer, and I ended up finding it through investigation. The following applies if your project is storing its session in a Postgres database.

NOTE: Your app may have connections to more than one DB. I still haven't figured out how Rails determines which of these connections to use. My project's session_store.rb is empty.

You'll find the flash messages in the sessions table. There is a column called data which contains a base64-encoded string.

If you decode the string, you'll find a binary blob which contains not just the flash messages (in marshalled form, so they can represent any type of Ruby object), but also the CSRF token, and several other things.

The whole blob is actually a marshalled hash table. It can be unmarshalled in Ruby with Marshal.load, and after any changes are made, it can be remarshalled with Marshal.dump.

Throw Away Account
  • 2,593
  • 18
  • 21