config.force_ssl should mark the session as secure.

author: José Valim <jose.valim@gmail.com> 2012-01-12 20:46:54 +0100
committer: José Valim <jose.valim@gmail.com> 2012-01-13 19:54:37 +0100
commit: d6933a1e9fdce873e5540813f4d44d313b6d363d (patch)
tree: 3204537829e33cf1261f62106ee2ce1dd8823328 /railties/lib/rails
parent: d393e46149d4fd4f02625d471bef3f9aa049c133 (diff)
download: rails-d6933a1e9fdce873e5540813f4d44d313b6d363d.tar.gz
rails-d6933a1e9fdce873e5540813f4d44d313b6d363d.tar.bz2
rails-d6933a1e9fdce873e5540813f4d44d313b6d363d.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 7103dad1f3..1314966044 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@@ -258,6 +258,9 @@ module Rails
         middleware.use ::ActionDispatch::Cookies
 
         if config.session_store
+          if config.force_ssl && !config.session_options.key?(:secure)
+            config.session_options[:secure] = true
+          end
           middleware.use config.session_store, config.session_options
           middleware.use ::ActionDispatch::Flash
         end
author	José Valim <jose.valim@gmail.com>	2012-01-12 20:46:54 +0100
committer	José Valim <jose.valim@gmail.com>	2012-01-13 19:54:37 +0100
commit	d6933a1e9fdce873e5540813f4d44d313b6d363d (patch)
tree	3204537829e33cf1261f62106ee2ce1dd8823328 /railties/lib/rails
parent	d393e46149d4fd4f02625d471bef3f9aa049c133 (diff)
download	rails-d6933a1e9fdce873e5540813f4d44d313b6d363d.tar.gz rails-d6933a1e9fdce873e5540813f4d44d313b6d363d.tar.bz2 rails-d6933a1e9fdce873e5540813f4d44d313b6d363d.zip