It appears that Ruby's CGI::Session class will not use the _session_id in the query string when the Request is a POST.
Normally, a POST-type request occurs when a form is submitted to the server (e.g. a Rails application). In this scenario, there is an easy workaround since we can send the _session_id as a hidden field.
With Flash 8, however, there is no way to add a 'hidden field' to the multi-part form data, thus Rails will fail to recognize the _session_id in the query string portion of our request.
Here is a hackish work-around:
Normally, a POST-type request occurs when a form is submitted to the server (e.g. a Rails application). In this scenario, there is an easy workaround since we can send the _session_id as a hidden field.
With Flash 8, however, there is no way to add a 'hidden field' to the multi-part form data, thus Rails will fail to recognize the _session_id in the query string portion of our request.
Here is a hackish work-around:
# The following code is a work-around for the # Flash 8 bug that prevents our multiple file uploader # from sending the _session_id. Here, we hack the # Session#initialize method and force the session_id # to load from the query string via the request uri. # (Tested on Lighttpd) class CGI::Session alias original_initialize initialize def initialize(request, option = {}) session_key = option['session_key'] || '_session_id' option['session_id'] = request.env_table["REQUEST_URI"][0..-1]. scan(/#{session_key}=(.*?)(&.*?)*$/). flatten.first original_initialize(request, option) end end
http://inquirylabs.com/downloads/get_session_id_from_query_string_on_post.rb