Use secure cookies when scheme is "https"

11 years ago · 97aa36e853
parent a9e57ce5e4
commit 97aa36e853
2 changed files with 7 additions and 2 deletions
--- a/config/cfg.rb
+++ b/config/cfg.rb
@ -14,7 +14,8 @@ defaults = {
  AWS_REGION:                     nil,
  AWS_BUCKET:                     nil,
  SECRET_TOKEN:                   '21deaa1a1228e119434aa783ecb4af21be7513ff1f5b8c1d8894241e5fc70ad395db72c8c1b0508a0ebb994ed88a8d73f6c84e44f7a4bc554a40d77f9844d2f4',
-  LOCAL_PERSONA_JS:               true
+  LOCAL_PERSONA_JS:               true,
+  SCHEME:                         'http'
 }.stringify_keys!

 cfg_file = File.expand_path(File.dirname(__FILE__) + '/asciinema.yml')
@ -57,6 +58,10 @@ module Asciinema
      end
    end

+    def ssl?
+      scheme == 'https'
+    end
+
    private

    def normalize_key(key)
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@ -1,3 +1,3 @@
 # Be sure to restart your server when you modify this file.

-Asciinema::Application.config.session_store :cookie_store, key: '_asciinema_session'
+Asciinema::Application.config.session_store :cookie_store, key: '_asciinema_session', secure: CFG.ssl?