closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10555 Commits
4 Branches
567 MiB
Tree: 8a74d851d2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8a74d851d2'
${ noResults }
mastodon/lib/action_dispatch/cookie_jar_extensions.rb

25 lines
656 B
Raw Normal View History

Drop dependency on secure_headers, fix response headers (#15712) * Drop dependency on secure_headers, use always_write_cookie instead * Fix cookies in Tor Hidden Services by moving configuration to application.rb * Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
3 years ago
replace all instances of "ends_with?" with "end_with?" (#15745) The "ends_with?" method is just a Rails alias of Ruby's "end_with?" method. Using the latter makes the code less brittle.
3 years ago
Drop dependency on secure_headers, fix response headers (#15712) * Drop dependency on secure_headers, use always_write_cookie instead * Fix cookies in Tor Hidden Services by moving configuration to application.rb * Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
3 years ago
Monkey patch Rack::Session to send secure cookies to onions (#15725)
3 years ago
replace all instances of "ends_with?" with "end_with?" (#15745) The "ends_with?" method is just a Rails alias of Ruby's "end_with?" method. Using the latter makes the code less brittle.
3 years ago
Monkey patch Rack::Session to send secure cookies to onions (#15725)
3 years ago
 
  1. # frozen_string_literal: true
  2. 

  3. module ActionDispatch
  4.   module CookieJarExtensions
  5.     private
  6. 

  7.     # Monkey-patch ActionDispatch to serve secure cookies to Tor Hidden Service
  8.     # users. Otherwise, ActionDispatch would drop the cookie over HTTP.
  9.     def write_cookie?(*)
  10.       request.host.end_with?('.onion') || super
  11.     end
  12.   end
  13. end
  14. 

  15. ActionDispatch::Cookies::CookieJar.prepend(ActionDispatch::CookieJarExtensions)
  16. 

  17. module Rack
  18.   module SessionPersistedExtensions
  19.     def security_matches?(request, options)
  20.       request.host.end_with?('.onion') || super
  21.     end
  22.   end
  23. end
  24. 

  25. Rack::Session::Abstract::Persisted.prepend(Rack::SessionPersistedExtensions)