Fix enforce HTTPS in production. (#6180)

author Naoki Kosaka <n.k@mail.yukimochi.net>

Fri, 5 Jan 2018 19:04:22 +0000 (04:04 +0900)

committer Eugen Rochko <eugen@zeonfederated.com>

Fri, 5 Jan 2018 19:04:22 +0000 (20:04 +0100)
author Naoki Kosaka <n.k@mail.yukimochi.net>
Fri, 5 Jan 2018 19:04:22 +0000 (04:04 +0900)
committer Eugen Rochko <eugen@zeonfederated.com>
Fri, 5 Jan 2018 19:04:22 +0000 (20:04 +0100)
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb

index ef61543a87e14766134379cb144a7660eecf7101..3dc0edd6fd262f70a6c496c922beb97bd096003c 100644 (file)
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,3 +1,3 @@
  # Be sure to restart your server when you modify this file.
  
-Rails.application.config.session_store :cookie_store, key: '_mastodon_session', secure: (ENV['LOCAL_HTTPS'] == 'true')
+Rails.application.config.session_store :cookie_store, key: '_mastodon_session', secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true')
diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb

index 4f7399505c48c9fe3c64558505824bf62d7e18b7..67c6b92054031299f4916ba8dc6d72a1633db9a7 100644 (file)
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@@ -46,7 +46,7 @@ RSpec.configure do |config|
    config.include ActiveSupport::Testing::TimeHelpers
  
    config.before :each, type: :feature do
-    https = ENV['LOCAL_HTTPS'] == 'true'
+    https = Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'
      Capybara.app_host = "http#{https ? 's' : ''}://#{ENV.fetch('LOCAL_DOMAIN')}"
    end
author	Naoki Kosaka <n.k@mail.yukimochi.net>
	Fri, 5 Jan 2018 19:04:22 +0000 (04:04 +0900)
committer	Eugen Rochko <eugen@zeonfederated.com>
	Fri, 5 Jan 2018 19:04:22 +0000 (20:04 +0100)
config/initializers/session_store.rb		patch \| blob \| history
spec/rails_helper.rb		patch \| blob \| history