I'm not sure if you'd consider this a bug, but I noticed that even when I use session :off the session cookie is still returned in the response. This is under Rails 4.
In general, my reasoning for turning off sessions is so I can ensure a page doesn't use any session data when generating the content; thus making it cacheable. The presence of a Set-Cookie header in the response makes it so I either have to strip this out at some level of the stack, or figure out how to convince Rails to not set the cookie.
I'm not sure if you'd consider this a bug, but I noticed that even when I use
session :offthe session cookie is still returned in the response. This is under Rails 4.In general, my reasoning for turning off sessions is so I can ensure a page doesn't use any session data when generating the content; thus making it cacheable. The presence of a
Set-Cookieheader in the response makes it so I either have to strip this out at some level of the stack, or figure out how to convince Rails to not set the cookie.