Provide better error message when applying false value where SecureHeaders::OPT_OUT is required

### Expected outcome

1. I configure CSP to do disable secure headers in development when i set it to `false`
1. The exception message should detect that false is being used, and tell the user they must use `SecureHeaders::OPT_OUT` instead of `false`.

### Actual outcome

1. This blows up with the following exception: `secure cookie config must be a hash or boolean`

This doesn't describe the issue, and is confusing because the value I'm applying _is_ a boolean value. In this case we should return an exception message that says what actually needs to happen, which is that the user needs to pass in `SecureHeaders::OPT_OUT`.

### Config

Please provide the configuration (`SecureHeaders::Configuration.default`) you are using including any overrides (`SecureHeaders::Configuration.override`).

```ruby
SecureHeaders::Configuration.default do |config|
  config.cookies = {
    secure: Rails.env.production?,
    httponly: true
  }
  # ...
end

```

Happy to submit a quick PR for this functionality.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Provide better error message when applying false value where SecureHeaders::OPT_OUT is required #393

Expected outcome

Actual outcome

Config

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Provide better error message when applying false value where SecureHeaders::OPT_OUT is required #393

Description

Expected outcome

Actual outcome

Config

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions