From 11e9b7b58837da351f08c18e6f0f4faba4d7d301 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Mon, 29 Jun 2020 19:21:38 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@13-1-stable-ee

---
 config/initializers/cookies_serializer.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'config')

diff --git a/config/initializers/cookies_serializer.rb b/config/initializers/cookies_serializer.rb
index fa1736dfea6..e9a71f32581 100644
--- a/config/initializers/cookies_serializer.rb
+++ b/config/initializers/cookies_serializer.rb
@@ -1,4 +1,5 @@
 # Be sure to restart your server when you modify this file.
 
 Rails.application.config.action_dispatch.use_cookies_with_metadata = true
-Rails.application.config.action_dispatch.cookies_serializer = :hybrid
+Rails.application.config.action_dispatch.cookies_serializer =
+  Gitlab::Utils.to_boolean(ENV['USE_UNSAFE_HYBRID_COOKIES']) ? :hybrid : :json
-- 
cgit v1.2.3