How to fix CookiesOverflow error
This article covers the error producing the following log message:
(...) ActionDispatch::Cookies::CookieOverflow (ActionDispatch::Cookies::CookieOverflow): (...)
Include this gem into Redmine Gemfile:
Install the gem:
Run the migration generator:
rails generate active_record:session_migration
Run the migration (it will fail if you already have a
sessions table, if it matches the structure describe below you can ignore this step):
Then, change session store in
config.session_store :cookie_store, :key => '_redmine_session', :path => config.relative_url_root || '/'
config.session_store :active_record_store, :key => '_redmine_session'
Note: To avoid your sessions table expanding without limit as it will store expired and potentially sensitive session data, it is strongly recommended in production environments to schedule the
db:sessions:trim rake task to run daily. Running
bin/rake db:sessions:trim will delete all sessions that have not been updated in the last 30 days. The 30 days cutoff can be changed using the
SESSION_DAYS_TRIM_THRESHOLD environment variable.
The default assumes a sessions table with columns:
id(numeric primary key),
session_id(string, usually varchar; maximum length is 255), and
data(text, longtext, json or jsonb); careful if your session data exceeds 65KB).
session_id column should always be indexed for speedy lookups. Session data is marshaled to the data column in Base64 format. If the data you write is larger than the column's size limit,
ActionController::SessionOverflowError will be raised.
You may configure the table name, primary key, data column, and serializer type. For example, at the end of
ActiveRecord::SessionStore::Session.table_name = 'legacy_session_table' ActiveRecord::SessionStore::Session.primary_key = 'session_id' ActiveRecord::SessionStore::Session.data_column_name = 'legacy_session_data' ActiveRecord::SessionStore::Session.serializer = :json
Note that setting the primary key to the
session_id frees you from having a separate
id column if you don't want it. However, you must set
session.model.id = session.session_id by hand! A before filter on ApplicationController is a good place.
The serializer may be class responding to
#dump(value), or a symbol of
marshal is the default and uses the built-in Marshal methods coupled with Base64 encoding.
json does what it says on the tin, using the
generate() methods of the JSON module.
hybrid will read either type but write as JSON.
null will not perform serialization, leaving that up to the ActiveRecord database adapter. This allows you to take advantage of the native JSON capabilities of your database.
Since the default class is a simple Active Record, you get timestamps for free if you add
updated_at datetime columns to the
sessions table, making periodic session expiration a snap.