From 4f70975ac661caf9339e61bc15a63be77f530ca6 Mon Sep 17 00:00:00 2001
From: Matijs van Zuijlen
Date: Sun, 10 Oct 2021 12:50:52 +0200
Subject: [PATCH] Force session cookie to be secure in production
---
 config/initializers/session_store.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 37c18162d4..71e21a1b9f 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -2,4 +2,6 @@
 # Be sure to restart your server when you modify this file.
-Rails.application.config.session_store :active_record_store, key: "_publify_blog_session"
+Rails.application.config.session_store(:active_record_store,
+ key: "_publify_blog_session",
+ secure: Rails.env.production?)
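Review bot: The `secure:` value on the new `session_store` call is keyed to the environment name rather than to whether the site is actually served over TLS. An HTTPS-served environment that is not literally named `production` (a staging deployment, for instance) still issues the session cookie without the Secure attribute. Conversely, a production install reached over plain HTTP would no longer get the cookie back from the browser, so logins would fail with no visible error. Consider deriving the flag from the transport setting as well, e.g. `secure: Rails.application.config.force_ssl || Rails.env.production?`, and adding a comment above the call such as `# Secure cookies are only sent over HTTPS; production must be served via TLS.` Whether HTTP-only production installs are a supported configuration is not visible from this hunk and should be confirmed, along with a matching note in the upgrade documentation.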