cookie_jar_extensions.rb 656 B

12345678910111213141516171819202122232425
  1. # frozen_string_literal: true
  2. module ActionDispatch
  3. module CookieJarExtensions
  4. private
  5. # Monkey-patch ActionDispatch to serve secure cookies to Tor Hidden Service
  6. # users. Otherwise, ActionDispatch would drop the cookie over HTTP.
  7. def write_cookie?(*)
  8. request.host.end_with?('.onion') || super
  9. end
  10. end
  11. end
  12. ActionDispatch::Cookies::CookieJar.prepend(ActionDispatch::CookieJarExtensions)
  13. module Rack
  14. module SessionPersistedExtensions
  15. def security_matches?(request, options)
  16. request.host.end_with?('.onion') || super
  17. end
  18. end
  19. end
  20. Rack::Session::Abstract::Persisted.prepend(Rack::SessionPersistedExtensions)