closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
Browse Source

Monkey patch Rack::Session to send secure cookies to onions (#15725)

closed-social-v3
Cecylia Bocovich 3 years ago
committed by GitHub
parent
5aa66fccb5
commit
3447bd2f80
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +10
    -0
      lib/action_dispatch/cookie_jar_extensions.rb

+ 10
- 0
lib/action_dispatch/cookie_jar_extensions.rb View File

@ -13,3 +13,13 @@ module ActionDispatch
end
ActionDispatch::Cookies::CookieJar.prepend(ActionDispatch::CookieJarExtensions)
module Rack
module SessionPersistedExtensions
def security_matches?(request, options)
request.headers['Host'].ends_with?('.onion') || super
end
end
end
Rack::Session::Abstract::Persisted.prepend(Rack::SessionPersistedExtensions)

Write Preview
Loading…
Cancel
Save