From bb8bb42f0e8bbca0c94ba626dac53c216fc2df00 Mon Sep 17 00:00:00 2001 From: Nick Budak Date: Tue, 25 Jul 2023 14:03:49 -0700 Subject: [PATCH] Force SSL when RAILS_ENV=production This ensures that we don't get warnings about SameSite=None cookies as a result of 8785e73. The warnings indicate that at some point the browser will no longer honor these cookies unless they are sent securely. --- config/environments/production.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/environments/production.rb b/config/environments/production.rb index b4eabf0cb..16db88ab4 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -48,7 +48,7 @@ # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - # config.force_ssl = true + config.force_ssl = true # Include generic and useful information about system operation, but avoid logging too much # information to avoid inadvertent exposure of personally identifiable information (PII).