autonomic-cooperative/hometown
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Drop dependency on secure_headers, fix response headers (#15712)

Browse Source 
* Drop dependency on secure_headers, use always_write_cookie instead

* Fix cookies in Tor Hidden Services by moving configuration to application.rb

* Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
This commit is contained in:
Claire
2021-02-11 23:47:05 +01:00
committed by GitHub
parent eb23f98592
commit 21fb3f3684
8 changed files with 24 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
config/initializers/makara.rb
View File

@ -1 +1,2 @@
Makara::Cookie::DEFAULT_OPTIONS[:same_site] = :lax
Makara::Cookie::DEFAULT_OPTIONS[:secure] = Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'