gitlab.com/gitlab-org/gitlab-foss.git
author: amouhzi <hassan.amouhzi@gmail.com> 2013-07-30 18:48:00 +0400
committer: Hassan Amouhzi <github@anezi.net> 2013-08-15 23:25:09 +0400
commit: 39d8a64d255a80df1ed3194f88ac56486b027870 (patch)
tree: 17e1ce8ebde53f88aee03c473dd4493e815100ac /config/initializers/session_store.rb
parent: 55582047413c639a4843f52f9869fafc01bf6522 (diff)
Fixes grack authentication under relative_url_root

Ref: https://github.com/gitlabhq/gitlabhq/commit/e6159b8725f99af78f446f8d33fa0e52b7780430
Ref: https://github.com/gitlabhq/gitlabhq/pull/3204
Ref: https://github.com/gitlabhq/gitlabhq/issues/1228

Add Rails' variable in application.rb to support relative url
This variable is used by assets compilation and other modules.
Note that user needs to change application.rb too

Restrict session cookie to the relative path if set.
Ref: https://github.com/gitlabhq/gitlabhq/commit/2c2f1e31856a4decdae469974f5bea8245316f7e

Fix Update attachment_uploader.rb bug with relative URL
See: https://github.com/gitlabhq/gitlabhq/commit/161afda3fa4fca58f396e9c3acbd72bc14490ace

Fix Wall relative bug with attachment files (javascript)

Diffstat (limited to 'config/initializers/session_store.rb')
-rw-r--r-- config/initializers/session_store.rb | 3
1 files changed, 2 insertions, 1 deletions
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index e777ae2b78d..52a099c3e16 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -2,7 +2,8 @@
Gitlab::Application.config.session_store :cookie_store, key: '_gitlab_session',
secure: Gitlab::Application.config.force_ssl,
- httponly: true
+ httponly: true,
+ path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root
# Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information
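Review bot: the `path:` expression on the added line only guards against `nil?`, so a `relative_url_root` set to an empty string is passed through as an empty cookie path instead of falling back to `'/'`. `Rails.application.config.relative_url_root.presence || '/'` would cover both cases and drop the parenthesised ternary. The same call reads `Gitlab::Application.config` for `secure:` and `Rails.application.config` for `path:`; using one of the two consistently would read more clearly. A short comment stating why the cookie is scoped to the relative root would also help, noting that the cookie path only narrows where the browser sends `_gitlab_session` and is not an isolation boundary between applications served from the same host.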