From c447a2131d864cb715c0fb9ba562db67ade2f7c6 Mon Sep 17 00:00:00 2001
From: Marin Jankovski
Date: Wed, 25 Dec 2013 12:30:33 +0100
Subject: [PATCH] Enable secure option if https is used.
---
 config/initializers/session_store.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 467f947..f80b67a 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -4,7 +4,7 @@ Gitlab::Application.config.session_store(
 :redis_store, # Using the cookie_store would enable session replay attacks.
 servers: Gitlab::Application.config.cache_store.last, # re-use the Redis config from the Rails cache store
 key: '_gitlab_session',
- secure: Gitlab::Application.config.force_ssl,
+ secure: Gitlab.config.gitlab.https,
 httponly: true,
 path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root
 )
--
libgit2 0.21.2
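Review bot: The new `secure:` line depends only on `Gitlab.config.gitlab.https`, so an instance reached over TLS (for example behind a terminating proxy, or with `force_ssl` enabled) while that setting is false or unset would issue `_gitlab_session` without the Secure attribute, and the cookie could then travel over plain HTTP. Keeping the previous signal as a fallback is cheap: `secure: Gitlab.config.gitlab.https || Gitlab::Application.config.force_ssl,`. A comment on that line such as `# Secure flag follows the gitlab.https setting; it must be true whenever users reach the app over TLS` would make the dependency visible to operators. The `session_store(` call opens just above the hunk and the settings loader is not shown, so how `https` is defaulted when the key is missing (nil would silently mean "not secure") should be confirmed.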