about summary refs log tree commit diff
path: root/lib
diff options
context:
space:
mode:
authorCecylia Bocovich <cohosh@torproject.org>2021-02-13 18:10:52 -0500
committerGitHub <noreply@github.com>2021-02-14 00:10:52 +0100
commit3447bd2f80111ce7373446182055c819a01c03b6 (patch)
tree8d4581f16fc1558f90a2a52205394e365b2107ad /lib
parent5aa66fccb5bd5c1ba081b17d8e20e351d88f157c (diff)
Monkey patch Rack::Session to send secure cookies to onions (#15725)
Diffstat (limited to 'lib')
-rw-r--r--lib/action_dispatch/cookie_jar_extensions.rb10


1 files changed, 10 insertions, 0 deletions
diff --git a/lib/action_dispatch/cookie_jar_extensions.rb b/lib/action_dispatch/cookie_jar_extensions.rb
index 44c39c1f8..f7ffb6cc7 100644
--- a/lib/action_dispatch/cookie_jar_extensions.rb
+++ b/lib/action_dispatch/cookie_jar_extensions.rb
@@ -13,3 +13,13 @@ module ActionDispatch
 end
 
 ActionDispatch::Cookies::CookieJar.prepend(ActionDispatch::CookieJarExtensions)
+
+module Rack
+  module SessionPersistedExtensions
+    def security_matches?(request, options)
+      request.headers['Host'].ends_with?('.onion') || super
+    end
+  end
+end
+
+Rack::Session::Abstract::Persisted.prepend(Rack::SessionPersistedExtensions)

 

generated by cgit-pink  (git 2.37.1) at 2024-11-22 05:52:25 +0000