As a security-conscious dev
In order to prevent unauthorized access to features via cookie tampering
I want to encrypt the feature flag cookie
We should add an option to encrypt the rack-flags cookie using a symmetric key which is only known by the server, similar to how general cookie encryption is done in Rails (might be worth checking to see if there's a standard cookie encryption middleware we can use).
We should require the user to provide that symmetric key, and not have a known default (false sense of security).
We should make it obvious that not providing an encryption key will be bad. For example, make it so that you turn this feature off by calling allow_insecure_flag_transport or something.
As a security-conscious dev
In order to prevent unauthorized access to features via cookie tampering
I want to encrypt the feature flag cookie
We should add an option to encrypt the rack-flags cookie using a symmetric key which is only known by the server, similar to how general cookie encryption is done in Rails (might be worth checking to see if there's a standard cookie encryption middleware we can use).
We should require the user to provide that symmetric key, and not have a known default (false sense of security).
We should make it obvious that not providing an encryption key will be bad. For example, make it so that you turn this feature off by calling allow_insecure_flag_transport or something.