class Rack::Session::Cookie

def initialize(app, options = {})

# Sets up cookie-backed sessions: builds one Encryptor per configured secret,
# records the legacy-HMAC settings, picks the coder, then hands off to the
# parent initializer.
#
# Options read here:
#   :secrets / :secret  - a single secret or an Array of them; :secrets is
#                         used when set, otherwise :secret
#   :key                - forwarded to every Encryptor as its :purpose
#   :serialize_json     - forwarded to every Encryptor unchanged
#   :legacy_hmac_secret, :legacy_hmac, :legacy_hmac_coder
#                       - settings for the legacy HMAC path
#   :coder              - defaults to Base64::Marshal.new
#
# Side effect: the caller's options Hash is modified in place (:coder is
# filled in when absent and :cookie_only is forced to true).
def initialize(app, options = {})
  # The splat normalises nil, a lone secret or an Array into an Array.
  raw_secrets = options[:secrets] || options[:secret]
  key_list = [*raw_secrets]

  # One options Hash is shared by every Encryptor created below.
  shared_opts = {
    purpose: options[:key],
    serialize_json: options[:serialize_json]
  }

  # Keeping an Encryptor per secret is what makes key rotation possible:
  # the decryption side is expected to try each one in turn (that code is
  # not part of this method).
  @encryptors = key_list.map { |key| Rack::Session::Encryptor.new(key, shared_opts) }

  # Legacy HMAC settings are recorded when either key is merely present.
  # Note that supplying :secret alone is enough to switch this on, with
  # 'SHA1' and a Marshal-based coder as the defaults.
  # NOTE(review): a deployment that no longer needs to accept old
  # HMAC-signed cookies can configure :secrets only, which leaves
  # @legacy_hmac false — confirm how the decode path uses these values.
  legacy_requested = %i[legacy_hmac_secret secret].any? { |name| options.key?(name) }
  if legacy_requested
    @legacy_hmac = options.fetch(:legacy_hmac, 'SHA1')
    @legacy_hmac_secret = options[:legacy_hmac_secret] || options[:secret]
    @legacy_hmac_coder = options.fetch(:legacy_hmac_coder, Base64::Marshal.new)
  else
    @legacy_hmac = false
  end

  # secure? is defined elsewhere; the warning is emitted when it is falsy.
  unless secure?(options)
    warn <<-MSG
  SECURITY WARNING: No secret option provided to Rack::Session::Cookie.
  This poses a security threat. It is strongly recommended that you
  provide a secret to prevent exploits that may be possible from crafted
  cookies. This will not be supported in future versions of Rack, and
  future versions will even invalidate your existing user cookies.
  Called from: #{caller[0]}.
    MSG
  end

  # Danger zone: the default coder is Marshal-based. Unmarshalling cookie
  # data that has not been verified and/or decrypted first could be a major
  # security issue.
  # NOTE(review): with no secrets configured @encryptors is empty; check
  # that the decode path never feeds client-supplied bytes to this coder
  # without authentication.
  options[:coder] ||= Base64::Marshal.new
  @coder = options[:coder]

  # merge! updates the caller's Hash and forces cookie-only sessions.
  options.merge!(cookie_only: true)
  super(app, options)
end