From: Jean-Philippe Lang Date: Sat, 14 Nov 2015 10:04:08 +0000 (+0000) Subject: Use config.relative_url_root as the default path for session and autologin cookies... X-Git-Tag: 3.2.0~32 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=703d8a478201eafbf2a2a9ca6dbf99bc79e37335;p=redmine.git Use config.relative_url_root as the default path for session and autologin cookies (#21169). Patch by Daniel Ritz. git-svn-id: http://svn.redmine.org/redmine/trunk@14876 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb index 26121ce4a..3c318957b 100644 --- a/app/controllers/account_controller.rb +++ b/app/controllers/account_controller.rb @@ -272,7 +272,7 @@ class AccountController < ApplicationController cookie_options = { :value => token.value, :expires => 1.year.from_now, - :path => (Redmine::Configuration['autologin_cookie_path'] || '/'), + :path => (Redmine::Configuration['autologin_cookie_path'] || RedmineApp::Application.config.relative_url_root || '/'), :secure => secure, :httponly => true } diff --git a/config/application.rb b/config/application.rb index d062d6018..96fa38b49 100644 --- a/config/application.rb +++ b/config/application.rb @@ -72,7 +72,9 @@ module RedmineApp # can change it (environments/ENV.rb would take precedence over it) config.log_level = Rails.env.production? ? :info : :debug - config.session_store :cookie_store, :key => '_redmine_session' + config.session_store :cookie_store, + :key => '_redmine_session', + :path => config.relative_url_root || '/' if File.exists?(File.join(File.dirname(__FILE__), 'additional_environment.rb')) instance_eval File.read(File.join(File.dirname(__FILE__), 'additional_environment.rb'))