gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

Drop dependency on secure_headers, fix response headers (#15712)

Browse source 
* Drop dependency on secure_headers, use always_write_cookie instead

* Fix cookies in Tor Hidden Services by moving configuration to application.rb

* Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
This commit is contained in:
Claire 2021-02-11 23:47:05 +01:00 committed by GitHub
parent eb23f98592
commit 21fb3f3684
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 24 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

1
config/initializers/session_store.rb
View file

@ -2,5 +2,6 @@
Rails.application.config.session_store :cookie_store, {
key: '_mastodon_session',
secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'),
same_site: :lax,
}