From 321dae5dccded1eff6587582c8f0e0b88ca8303c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20Bunsch=20and=20Przemek=20D=C4=85bek?=
 <marcin+przemek.dabek@futuresimple.com>
Date: Thu, 12 Jan 2012 20:31:23 +0100
Subject: When force redirecting to SSL, make sure that the session is kept. As
 we're moving from a non-secure to secure environment, it's safe

---
 actionpack/lib/action_controller/metal/force_ssl.rb | 1 +
 1 file changed, 1 insertion(+)

(limited to 'actionpack/lib/action_controller')

diff --git a/actionpack/lib/action_controller/metal/force_ssl.rb b/actionpack/lib/action_controller/metal/force_ssl.rb
index 0fd42f9d8a..b45f211e83 100644
--- a/actionpack/lib/action_controller/metal/force_ssl.rb
+++ b/actionpack/lib/action_controller/metal/force_ssl.rb
@@ -29,6 +29,7 @@ module ActionController
           if !request.ssl? && !Rails.env.development?
             redirect_options = {:protocol => 'https://', :status => :moved_permanently}
             redirect_options.merge!(:host => host) if host
+            flash.keep
             redirect_to redirect_options
           end
         end
-- 
cgit v1.2.3