Sam Pierson's Blog » Decoding the Rails session cookie

Decoding the Rails session cookie

 
Marshal.load(Base64.decode64(CGI.unescape(cookie.split("\n").join).split('--').first))

As found here.

Update: you can dump your session and verify your session signature using:

 
secret = "your session secret" # from config/initializers/session_store.rb
verifier = ActiveSupport::MessageVerifier.new(secret)
signed_message = CGI.unescape(cookie.split("\n").join
verifier.verify(signed_message)

You must be logged in to post a comment.