techhub/mastodon
2
0
Fork 0
Code Activity

Fix cookies not having a SameSite attribute (#15098)

Browse Source
This commit is contained in:
Eugen Rochko
2020-11-06 11:57:14 +01:00
committed by GitHub
parent 9b1f2a4b61
commit acc1c03861
3 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/initializers/devise.rb
View File

@@ -10,6 +10,7 @@ Warden::Manager.after_set_user except: :fetch do |user, warden|
expires: 1.year.from_now,
httponly: true,
secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'),
same_site: :lax,
}
end
@@ -20,6 +21,7 @@ Warden::Manager.after_fetch do |user, warden|
expires: 1.year.from_now,
httponly: true,
secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'),
same_site: :lax,
}
else
warden.logout