Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow users to disable the secure cookie warning for custom coders #900

Merged
merged 1 commit into from
Sep 3, 2015
Merged

Allow users to disable the secure cookie warning for custom coders #900

merged 1 commit into from
Sep 3, 2015

Conversation

dmcinnes
Copy link
Contributor

Hello,

Since we've recently updated Rack we've been getting the "No secret option provided to Rack::Session::Cookie" warning in our logs. However we are providing a custom coder to Rack::Session::Cookie that handles all of the encryption:
https://github.com/heroku/identity/blob/master/lib/identity/main.rb#L12-L19

This pull request adds an option to Rack::Session::Cookie to disable this warning, but only if a coder is supplied in the cases were the user wants to manage the cookie encryption themselves:

use Rack::Session::Cookie,
  coder: MyFancyEncryptionCoder.new,
  let_coder_handle_secure_encoding: true

Does this approach make sense? If not I'm happy to hear alternatives.

Thanks!

@dmcinnes dmcinnes mentioned this pull request Jun 19, 2015
Open
tenderlove added a commit that referenced this pull request Sep 3, 2015
@tenderlove
Merge pull request #900 from dmcinnes/disable-cookie-secret-warnings
304c1a1 
Allow users to disable the secure cookie warning for custom coders
@tenderlove tenderlove merged commit 304c1a1 into rack:master Sep 3, 2015
@brandur
Copy link

brandur commented Sep 3, 2015

Nice! Thanks @tenderlove!

@dmcinnes
Copy link
Contributor Author

dmcinnes commented Sep 3, 2015

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dmcinnes @brandur @tenderlove