Add 'secure' for cookies when SSL enabled

This commit is contained in:
Omar Roth 2018-07-18 19:29:03 -05:00
parent 68d5ee95b3
commit 61e3c39ecd

View File

@ -663,7 +663,12 @@ post "/login" do |env|
host = URI.parse(env.request.headers["Host"]).host host = URI.parse(env.request.headers["Host"]).host
login.cookies.each do |cookie| login.cookies.each do |cookie|
cookie.secure = false if Kemal.config.ssl
cookie.secure = true
else
cookie.secure = false
end
cookie.extension = cookie.extension.not_nil!.gsub(".youtube.com", host) cookie.extension = cookie.extension.not_nil!.gsub(".youtube.com", host)
cookie.extension = cookie.extension.not_nil!.gsub("Secure; ", "") cookie.extension = cookie.extension.not_nil!.gsub("Secure; ", "")
end end