Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Default Message Encryptor Cipher to AES-256-GCM From AES-256-CBC #29263
Okay, now we'll need a similar setting to what the AEAD cookies has here: https://github.com/rails/rails/pull/28132/files#diff-7f4141d796a8aad409136b2b6dc774b0R15
E.g. that there's a new 5.2 config to default the encryptor to gcm:
# Other configs in new_framework_defaults_5_2.rb… # Default encrypted messages to use AES-256-GCM encryption. # Rails.application.active_support.message_encryptor.use_authenticated_encryption = true
Then auto default that to true in
If we don't have that config, we break backwardscompatibility — that's what the test failures show.
Woah, hey you got the tests to pass!
Now we just need to test that the default change works. Let's just go with setting