config.force_ssl should mark the session as secure.

author: José Valim <jose.valim@gmail.com> 2012-01-12 20:46:54 +0100
committer: José Valim <jose.valim@gmail.com> 2012-01-13 19:55:34 +0100
commit: b745fe1e83df24990f8489a819bef62f4add49a5 (patch)
tree: 714bddeb6ac8b1026ec0705cad1ed9f1df42a2b7 /railties/lib/rails/application.rb
parent: 70631e723ca9503b387f25076b9fb7f68726f81e (diff)
download: rails-b745fe1e83df24990f8489a819bef62f4add49a5.tar.gz
rails-b745fe1e83df24990f8489a819bef62f4add49a5.tar.bz2
rails-b745fe1e83df24990f8489a819bef62f4add49a5.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 19e8426e60..6d3349c61b 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@@ -266,6 +266,9 @@ module Rails
         middleware.use ::ActionDispatch::Cookies
 
         if config.session_store
+          if config.force_ssl && !config.session_options.key?(:secure)
+            config.session_options[:secure] = true
+          end
           middleware.use config.session_store, config.session_options
           middleware.use ::ActionDispatch::Flash
         end
author	José Valim <jose.valim@gmail.com>	2012-01-12 20:46:54 +0100
committer	José Valim <jose.valim@gmail.com>	2012-01-13 19:55:34 +0100
commit	b745fe1e83df24990f8489a819bef62f4add49a5 (patch)
tree	714bddeb6ac8b1026ec0705cad1ed9f1df42a2b7 /railties/lib/rails/application.rb
parent	70631e723ca9503b387f25076b9fb7f68726f81e (diff)
download	rails-b745fe1e83df24990f8489a819bef62f4add49a5.tar.gz rails-b745fe1e83df24990f8489a819bef62f4add49a5.tar.bz2 rails-b745fe1e83df24990f8489a819bef62f4add49a5.zip