Revision 326cf7f3
Added by Shlomi Zadok about 9 years ago
| config/application.rb | ||
|---|---|---|
|
child.helper helpers
|
||
|
end
|
||
|
end
|
||
|
|
||
|
# Secure cookies if the connection is via SSL
|
||
|
if !!SETTINGS[:require_ssl]
|
||
|
config.session_options[:secure] = !!SETTINGS[:require_ssl]
|
||
|
middleware.use config.session_store, config.session_options
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def self.setup_console
|
||
Also available in: Unified diff
fixes #10275 - Add secure cookie when in ssl (CVE-2015-3155)
(cherry picked from commit 0b03b9bdb0579559c2286b457999245ee9c218bc)