Hey All,
I have set up our site for https only using rack::ssl.
I also used it to secure our app's cookies.
# Enable SSL with secure cookies config.middleware.insert_before ActionDispatch::Cookies, Rack::SSL
however, there is one cookie that is set by a browser technology that we will be sometimes using in our system that is never https_only. It seems that now that our cookies are secured this cookie is unreadable by the system.
Does anyone have any idea how I can force the reading of a insecure cookie given this config?
