rack_session_access icon indicating copy to clipboard operation
rack_session_access copied to clipboard
verified publisher icon railsware

session_store secure: true breaks this gem

Open chase439 opened this issue 6 years ago • 2 comments

When Rails application's Rails::Application.config.session_store :active_record_store, {key: '_some_key', secure: true", the set_rack_session and get_rack_session methods break as it seems like it can't read encrypted session data.

One solution is to condition it not to secure: true when Rails.env.test?

chase439 avatar Oct 30 '19 14:10 chase439

We have the same issue after adding SameSite='None' options to our cookies.

betelgeus13 avatar Jan 23 '20 04:01 betelgeus13

Well, It's not gem issue. It's rather incorrect setup.

If you use SSL in test env then you should also configure capybara to visit your testing app server via https as well. If you don't use SSL then you should NOT set secure: true for test env.

That's all.

# * <tt>:secure</tt> - Whether this cookie is only transmitted to HTTPS servers.

https://github.com/rails/rails/blob/6-0-stable/actionpack/lib/action_dispatch/middleware/cookies.rb#L166

ayanko avatar Jan 23 '20 09:01 ayanko