AO3-6812 Add future plan to explanation
Bilka2 committed Sep 27, 2024
1 parent b1302a9 commit 893126d
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions config/initializers/cookie_rotator.rb
@@ -1,7 +1,13 @@
# frozen_string_literal: true

# Due to the rolled back deploy, some users have SHA256 cookies.
# Read them, but write back SHA1 cookies (writing is based on current setting of config.active_support.key_generator_hash_digest_class)
# To support a rolling deploy of SHA256 cookies:
# 1. Current: Read SHA256 cookies, but write back SHA1 cookies (writing is based on current setting of config.active_support.key_generator_hash_digest_class).
# 2. Next step: Switch this rotator to read SHA1 and change key_generator_hash_digest_class to write SHA256.
# Explanation:
# During rolling deploy, rotator from step 1 will still be present on some servers. It will read the new SHA256 cookies and write cookies as SHA1.
# While new rotator from step 2 on updated servers converts old SHA1 cookies to new SHA256 cookies.
# After rolling deploy is finished, only new rotator will be present on all servers and will convert all SHA1 cookies to SHA256.
# 3. Step after that: After the rotator from step 2 has been deployed for a while and all cookies should be converted to SHA256, remove the rotator.
# Ref: https://guides.rubyonrails.org/upgrading_ruby_on_rails.html#key-generator-digest-class-change-requires-a-cookie-rotator
Rails.application.config.after_initialize do
Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
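Review bot: step 3 of the new comment block gives no concrete criterion for "for a while", and the claim that "all cookies should be converted to SHA256" by then only holds for users who have made a request since step 2 was deployed, since a cookie rotator rewrites a cookie only when it is read. Suggest stating the wait in terms of the longest cookie lifetime in use, and noting that a user whose SHA1 cookie was not rewritten within that window loses the session once the rotator is removed, because the cookie no longer verifies. The step 2 line could also state that it must not be deployed until step 1 is present on every server, since the rolling-deploy explanation relies on the old servers already being able to read SHA256 cookies.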