RailsCasts Pro episodes are now free!

Learn more or hide this

Olli Huotari's Profile

GitHub User: holli

Comments by Olli Huotari


Signing cookie adds overhead to the size (http://yuiblog.com/blog/2007/03/01/performance-research-part-3/). So that depends on the security you need.

For better security you want to save also a expiry time inside the cookie and sign it. Then you can check e.g. that the cookie isn't more than year old so that info in old computers cannot be abused. But in most cases the way described in this screencast is enough.