* Drop dependency on secure_headers, use always_write_cookie instead * Fix cookies in Tor Hidden Services by moving configuration to application.rb * Instead of setting always_write_cookie at boot, monkey-patch ActionDispatch
		
			
				
	
	
		
			8 lines
		
	
	
		
			233 B
		
	
	
	
		
			Ruby
		
	
	
	
	
	
			
		
		
	
	
			8 lines
		
	
	
		
			233 B
		
	
	
	
		
			Ruby
		
	
	
	
	
	
| # Be sure to restart your server when you modify this file.
 | |
| 
 | |
| Rails.application.config.session_store :cookie_store, {
 | |
|   key: '_mastodon_session',
 | |
|   secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'),
 | |
|   same_site: :lax,
 | |
| }
 |