Redirect_to(session[:return_to]) vs session.delete

Hey all,

Recently I’ve been looking into on how to return back to a previous
referring URL and and the most common approach is:

redirect_to session[:return_to]

But some recommend:

redirect_to(session.delete(:return_to) || default)

How I understand it, in the second example we call session.delete so it
will clear the return path since we will no longer need it, and we also
use
|| to fall back to default URL in case the session is nil. Kind of makes
sense, but what I am trying to understand is (and I couldn’t find it
anywhere explained) what are the implications of -not- using
session.delete, how is it better, is it a security thing? And also
falling
back to default, in what cases can a session be nil? If there are other
checks present (I am using Devise) should this be necessary?

Hope my questions make sense. Thank you.

On Thu, Jan 17, 2013 at 7:37 PM, Alex M [email protected] wrote:

but what I am trying to understand is (and I couldn’t find it anywhere
explained) what are the implications of -not- using session.delete, how is
it better, is it a security thing? And also falling back to default, in what
cases can a session be nil? If there are other checks present (I am using
Devise) should this be necessary?

Hope my questions make sense. Thank you.

If you are on Rails 3 use redirect_to(:back)… if you are not then
the only real implication is having trash hanging around in your
cookie storage (if you use cookie storage.) for db storage it’s meh on
the space used because it’s most of the time trivial but it still
leaves a dirty session. So at the end of the day it depends on how
thorough of a programmer you want to be.