From cb365c2fa003e83a9bd0b16dd9025e5c79390ca3 Mon Sep 17 00:00:00 2001
From: ruslandoga <doga.ruslan@gmail.com>
Date: Thu, 26 Sep 2024 14:57:21 +0700
Subject: [PATCH] set secure cookie if BASE_URL scheme is HTTPS (#4623)

---
 config/runtime.exs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/config/runtime.exs b/config/runtime.exs
index e07528fcd9e0..22fdeb37e43f 100644
--- a/config/runtime.exs
+++ b/config/runtime.exs
@@ -296,9 +296,15 @@ if byte_size(websocket_url) > 0 and
   """
 end
 
+secure_cookie_default =
+  case base_url.scheme do
+    "http" -> "false"
+    "https" -> "true"
+  end
+
 secure_cookie =
   config_dir
-  |> get_var_from_path_or_env("SECURE_COOKIE", if(is_selfhost, do: "false", else: "true"))
+  |> get_var_from_path_or_env("SECURE_COOKIE", secure_cookie_default)
   |> String.to_existing_atom()
 
 license_key = get_var_from_path_or_env(config_dir, "LICENSE_KEY", "")