]> cat aescling's git repositories - mastodon.git/commit
Onion service related changes to HTTPS handling (#15560)
authorCecylia Bocovich <cohosh@torproject.org>
Thu, 11 Feb 2021 03:40:13 +0000 (22:40 -0500)
committerGitHub <noreply@github.com>
Thu, 11 Feb 2021 03:40:13 +0000 (04:40 +0100)
commite79f8dd85cb63125185fdf711f470c298a0b5dbc
treec27f1d0e2cd45262934fd5729e9ae3cd824747b3
parentd499bb031f0d20a5f27facfd57cf4e00f89003d7
Onion service related changes to HTTPS handling (#15560)

* Enable secure cookie flag for https only

* Disable force_ssl for .onion hosts only

Co-authored-by: Aiden McClelland <me@drbonez.dev>
Gemfile
Gemfile.lock
app/controllers/application_controller.rb
app/lib/webfinger.rb
config/initializers/devise.rb
config/initializers/makara.rb
config/initializers/secureheaders.rb [new file with mode: 0644]
config/initializers/session_store.rb