ActionDispatch::Session::CookieStore

This cookie-based session store is the Rails default. It is dramatically faster than the alternatives.

Sessions typically contain at most a user_id and flash message; both fit within the 4K cookie size limit. A CookieOverflow exception is raised if you attempt to store more than 4K of data.

The cookie jar used for storage is automatically configured to be the best possible option given your application's configuration.

If you only have secret_token set, your cookies will be signed, but not encrypted. This means a user cannot