Rails 4 encrypted cookie store is awesome:
MyApp::Application.config.session_store :encrypted_cookie_store ...
I switched! And then I was immediately hit with cold bucket of water right after a facebook / devise / oauth:
So if you were just under 4kb before you will split your britches! Switch to active record session store. First comment out the :encryptedcookiestore line in config/initializers/session_store.rb.
Uncomment config/initializers/session_store.rb to:
Add this to your gemfile:
gem 'activerecord-session_store', github: 'rails/activerecord-session_store'
Then create the migration:
bundle exec rails g active_record:session_migration
Then run migrations:
bundle exec rake db:migrate
RAILS_ENV=test bundle exec rake db:migrate
Then restart the app server!