Merge pull request #16854 from bdunne/allow_insecure_session

When using http only, set env variable to allow insecure sessions
ManageIQ · Jan 19, 2018 · 46d2a63 · 46d2a63
2 parents f5f9a83 + c6df0a4
commit 46d2a63
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
@@ -10,7 +10,7 @@
 
   session_options = {}
   if MiqEnvironment::Command.is_appliance?
-    session_options[:secure]   = true unless MiqEnvironment::Command.is_container?
+    session_options[:secure]   = true unless ENV["ALLOW_INSECURE_SESSION"]
     session_options[:httponly] = true
   end