about summary refs log tree commit diff
path: root/config/initializers/session_store.rb
diff options
context:
space:
mode:
Diffstat (limited to 'config/initializers/session_store.rb')
-rw-r--r--config/initializers/session_store.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 3d9bf96fd..210964b1f 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -2,5 +2,5 @@
 
 Rails.application.config.session_store :cookie_store,
   key: '_mastodon_session',
-  secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'),
+  secure: false, # All cookies have their secure flag set by the force_ssl option in production
   same_site: :lax
generated by cgit-pink (git 2.37.1) at 2024-11-22 19:12:30 +0000