fedi/mastodon
1
0
Fork 1
mirror of https://github.com/mastodon/mastodon.git synced 2024-11-18 04:19:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Monkey patch Rack::Session to send secure cookies to onions (#15725)

Browse source
This commit is contained in:
Cecylia Bocovich 2021-02-13 18:10:52 -05:00 committed by GitHub
parent 5aa66fccb5
commit 3447bd2f80
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
lib/action_dispatch/cookie_jar_extensions.rb
View file

@ -13,3 +13,13 @@ module ActionDispatch
end end
ActionDispatch::Cookies::CookieJar.prepend(ActionDispatch::CookieJarExtensions) ActionDispatch::Cookies::CookieJar.prepend(ActionDispatch::CookieJarExtensions)
module Rack
module SessionPersistedExtensions
def security_matches?(request, options)
request.headers['Host'].ends_with?('.onion') || super
end
end
end
Rack::Session::Abstract::Persisted.prepend(Rack::SessionPersistedExtensions)