Fix enforce HTTPS in production. (#6180)

author: Naoki Kosaka <n.k@mail.yukimochi.net> 2018-01-06 04:04:22 +0900
committer: Eugen Rochko <eugen@zeonfederated.com> 2018-01-05 20:04:22 +0100
commit: 8d51ce429094d43a91d61c9cb0c0dc7b1e6bd2de (patch)
tree: 427e7d7b7cdc8283fa1f3d4dfcd34ef54ebd29b2 /config/initializers
parent: 06636c6eca636d7cacc3d743487b2a9618585c34 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index ef61543a8..3dc0edd6f 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,3 +1,3 @@
 # Be sure to restart your server when you modify this file.
 
-Rails.application.config.session_store :cookie_store, key: '_mastodon_session', secure: (ENV['LOCAL_HTTPS'] == 'true')
+Rails.application.config.session_store :cookie_store, key: '_mastodon_session', secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true')
author	Naoki Kosaka <n.k@mail.yukimochi.net>	2018-01-06 04:04:22 +0900
committer	Eugen Rochko <eugen@zeonfederated.com>	2018-01-05 20:04:22 +0100
commit	8d51ce429094d43a91d61c9cb0c0dc7b1e6bd2de (patch)
tree	427e7d7b7cdc8283fa1f3d4dfcd34ef54ebd29b2 /config/initializers
parent	06636c6eca636d7cacc3d743487b2a9618585c34 (diff)