21fb3f3684
* Drop dependency on secure_headers, use always_write_cookie instead * Fix cookies in Tor Hidden Services by moving configuration to application.rb * Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
7 lines
233 B
Ruby
7 lines
233 B
Ruby
# Be sure to restart your server when you modify this file.
|
|
|
|
Rails.application.config.session_store :cookie_store, {
|
|
key: '_mastodon_session',
|
|
secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'),
|
|
same_site: :lax,
|
|
}
|