Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Always sign cookies, also in development mode for classic style apps #1245
Currently there is a surprising or at least undocumented difference in the behavior of modular and classic style apps: cookies are not signed for classic style applications in development mode, while for modular applications they are always signed, regardless of the environment.
The patch removes the redefinition of the
In case the current behavior is intended, at least the docs should be updated to reflect this. Right now the README generally states (see "Using Sessions"):
Short tale of woe: I wanted to create a simple example for cookies and how they work on the HTTP level, and noticed they were not signed; then went to the docs to find out how to activate the signing of cookies; unnecessarily used