Drop dependency on secure_headers, fix response headers (#15712)

* Drop dependency on secure_headers, use always_write_cookie instead * Fix cookies in Tor Hidden Services by moving configuration to application.rb * Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
2021-02-11 23:47:05 +01:00
parent eb23f98592
commit 21fb3f3684
8 changed files with 24 additions and 16 deletions
--- a/config/application.rb
+++ b/config/application.rb
@ -25,6 +25,7 @@ require_relative '../lib/devise/two_factor_pam_authenticatable'
 require_relative '../lib/chewy/strategy/custom_sidekiq'
 require_relative '../lib/webpacker/manifest_extensions'
 require_relative '../lib/webpacker/helper_extensions'
+require_relative '../lib/action_dispatch/cookie_jar_extensions'
 require_relative '../lib/rails/engine_extensions'

 Dotenv::Railtie.load