2021-02-11 23:47:05 +01:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
module ActionDispatch
|
|
|
|
module CookieJarExtensions
|
|
|
|
private
|
|
|
|
|
|
|
|
# Monkey-patch ActionDispatch to serve secure cookies to Tor Hidden Service
|
|
|
|
# users. Otherwise, ActionDispatch would drop the cookie over HTTP.
|
|
|
|
def write_cookie?(*)
|
2021-02-16 15:28:17 +01:00
|
|
|
request.host.ends_with?('.onion') || super
|
2021-02-11 23:47:05 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
ActionDispatch::Cookies::CookieJar.prepend(ActionDispatch::CookieJarExtensions)
|
2021-02-14 00:10:52 +01:00
|
|
|
|
|
|
|
module Rack
|
|
|
|
module SessionPersistedExtensions
|
|
|
|
def security_matches?(request, options)
|
2021-02-16 15:28:17 +01:00
|
|
|
request.host.ends_with?('.onion') || super
|
2021-02-14 00:10:52 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
Rack::Session::Abstract::Persisted.prepend(Rack::SessionPersistedExtensions)
|