diff options
| author | Claire <claire.github-309c@sitedethib.com> | 2021-02-11 23:47:05 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-02-11 23:47:05 +0100 |
| commit | 21fb3f3684782628319a0d6339dd9fd446c2b673 (patch) | |
| tree | 029bcaeb2658ca28524661f451abe88c28a289e0 /config/initializers/session_store.rb | |
| parent | eb23f985928f5d394209475ad4308a4d20dfb5f2 (diff) | |
Drop dependency on secure_headers, fix response headers (#15712)
* Drop dependency on secure_headers, use always_write_cookie instead * Fix cookies in Tor Hidden Services by moving configuration to application.rb * Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
Diffstat (limited to 'config/initializers/session_store.rb')
| -rw-r--r-- | config/initializers/session_store.rb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index 7e3471ac4..e5d1be4c6 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -2,5 +2,6 @@ Rails.application.config.session_store :cookie_store, { key: '_mastodon_session', + secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'), same_site: :lax, } |