Home/ Questions/Q 7833833
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-02T12:55:13+00:00

It used to be that a line like this in the application controller would

  • 0

It used to be that a line like this in the application controller would disable sessions entirely for a request:

session :off, :if => Proc.new {|req| req.user_agent =~ BOT_REGEX}

With Rails 3.x, this is either deprecated or no longer works. I realize that the new concept is that sessions are lazy loaded, but the execution flow through the app uses/checks sessions even if it’s a web bot.

So is there some new mechanism that could be used to disable sessions on a per-request basis?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There doesn’t appear to be a built-in way to do this in Rails 3, but you can monkey patch SessionHash to get a similar result:

    class ActionDispatch::Session::AbstractStore::SessionHash
  private
    def load_for_write!
      load! unless loaded? || (@env['HTTP_USER_AGENT'] =~ BOT_REGEX)
    end
end

    This will prevent the session store object from being created. You will still be able to assign into the session hash, and even access that same session data later in the same request.

    • 0