AJAX request to Rails, does the target controller action have access to the same session as it would if it was visited in a browser?
When you get a GET or POST request to Ruby on Rails, does the target controller action have access to the same session as it would if it was visited in a browser?
For example, when I'm logged in to my app (using devise), I can acc开发者_StackOverflow中文版ess current_user as I visit different pages. But if I send a POST request to an action, does it have access to current_user? Or does it only have access to the variables that were sent with the request?
It has access to everything.
Beware of one detail: ajax sometimes fails to pass the authorize before filter.
精彩评论