Redstoner/redstoner.com
Archived
0
Fork 0
Code Issues Pull Requests 2 Wiki Activity
This repository has been archived on 2024-08-27. You can view files and clone it, but cannot push or open issues or pull requests.
master
redstoner.com/config/initializers/session_store.rb
jomo 61edf27888 add CookieJar patch to flag cookies as secure based on the connection protocol 
rails only allows to globally flag session cookies as either secure or not
this patch sets the secure flag for cookies based on the protocol (http/https)
this is used to send cookies via http but flag them secure for https
which allows use with HTTP over Tor for an onion domain
this is acceptable because nginx redirects clearnet http to https
2017-01-08 08:06:37 +01:00

9 lines
446 B
Ruby
Raw Permalink Blame History

# Be sure to restart your server when you modify this file.
# Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information
# (create the session table with "rails generate session_migration")
Redstoner::Application.config.session_store :active_record_store,
key: 'redstoner_session',
expire_after: 5.days,
secure: nil # see config/initializers/auto_secure_cookies.rb
Reference in New Issue View Git Blame Copy Permalink