No secret option provided to Rack::Session::Cookie warning?
This is a Rails bug, as the subclass is violating the superclass API contract. The warning can be safely ignored by Rails users. (https://github.com/rack/rack/issues/485#issuecomment-11956708, emphasis added) Confirmation on the rails bug discussion: https://github.com/rails/rails/issues/7372#issuecomment-11981397