lib/action_dispatch/cookie_jar_extensions.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

# frozen_string_literal: true

module ActionDispatch
  module CookieJarExtensions
    private

    # Monkey-patch ActionDispatch to serve secure cookies to Tor Hidden Service
    # users. Otherwise, ActionDispatch would drop the cookie over HTTP.
    def write_cookie?(*)
      request.headers['Host'].ends_with?('.onion') || super
    end
  end
end

ActionDispatch::Cookies::CookieJar.prepend(ActionDispatch::CookieJarExtensions)