Revision 326cf7f3
Added by Shlomi Zadok about 9 years ago
config/application.rb | ||
---|---|---|
child.helper helpers
|
||
end
|
||
end
|
||
|
||
# Secure cookies if the connection is via SSL
|
||
if !!SETTINGS[:require_ssl]
|
||
config.session_options[:secure] = !!SETTINGS[:require_ssl]
|
||
middleware.use config.session_store, config.session_options
|
||
end
|
||
end
|
||
|
||
def self.setup_console
|
Also available in: Unified diff
fixes #10275 - Add secure cookie when in ssl (CVE-2015-3155)
(cherry picked from commit 0b03b9bdb0579559c2286b457999245ee9c218bc)