bartt-ssl_requirement 1.3.1 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- data/{README → README.md} +16 -42
- data/Rakefile +0 -14
- data/VERSION +1 -1
- data/bartt-ssl_requirement.gemspec +20 -44
- data/lib/ssl_requirement.rb +3 -2
- data/lib/url_for.rb +4 -0
- data/test/ssl_requirement_test.rb +10 -31
- data/test/url_for_test.rb +37 -45
- metadata +28 -50
- data/.gitignore +0 -1
- data/shoulda_macros/ssl_requirement_macros.rb +0 -31
data/{README → README.md}
RENAMED
@@ -32,11 +32,11 @@ Example:
|
|
32
32
|
end
|
33
33
|
end
|
34
34
|
|
35
|
-
If a majority (or all) of your actions require SSL, then use ssl_exceptions instead of ssl_required
|
36
|
-
You can list out the actions that you do NOT want to be SSL protected. Calling ssl_exceptions without
|
35
|
+
If a majority (or all) of your actions require SSL, then use `ssl_exceptions` instead of `ssl_required`.
|
36
|
+
You can list out the actions that you do NOT want to be SSL protected. Calling `ssl_exceptions` without
|
37
37
|
any actions listed will make ALL actions SSL protected.
|
38
38
|
|
39
|
-
To allow SSL for any action
|
39
|
+
To allow SSL for any action `use ssl_allowed` and pass in `:all`
|
40
40
|
|
41
41
|
Example:
|
42
42
|
|
@@ -47,11 +47,11 @@ Example:
|
|
47
47
|
ssl_allowed :all
|
48
48
|
end
|
49
49
|
|
50
|
-
You can overwrite the protected method ssl_required
|
50
|
+
You can overwrite the protected method `ssl_required?` to rely on other things
|
51
51
|
than just the declarative specification. Say, only premium accounts get SSL.
|
52
52
|
|
53
53
|
For SSL domains that differ from the domain of the redirecting site, add the
|
54
|
-
following code to development.rb / test.rb / production.rb
|
54
|
+
following code to `development.rb` / `test.rb` / `production.rb`:
|
55
55
|
|
56
56
|
# Redirects to https://secure.example.com instead of the default
|
57
57
|
# https://www.example.com.
|
@@ -60,7 +60,7 @@ following code to development.rb / test.rb / production.rb:
|
|
60
60
|
end
|
61
61
|
|
62
62
|
For non-SSL domains that differ from domain of redirecting site, add the
|
63
|
-
following code to development.rb / test.rb / production.rb
|
63
|
+
following code to `development.rb` / `test.rb` / `production.rb`:
|
64
64
|
|
65
65
|
# Redirects to http://nonsecure.example.com instead of the default
|
66
66
|
# http://www.example.com.
|
@@ -68,7 +68,7 @@ following code to development.rb / test.rb / production.rb:
|
|
68
68
|
SslRequirement.non_ssl_host = 'nonsecure.example.com'
|
69
69
|
end
|
70
70
|
|
71
|
-
You can also use a Proc to determine the ssl_host or non_ssl_host on the fly:
|
71
|
+
You can also use a Proc to determine the `ssl_host` or `non_ssl_host` on the fly:
|
72
72
|
|
73
73
|
config.after_initialize do
|
74
74
|
SslRequirement.ssl_host = Proc.new do
|
@@ -76,7 +76,7 @@ You can also use a Proc to determine the ssl_host or non_ssl_host on the fly:
|
|
76
76
|
end
|
77
77
|
end
|
78
78
|
|
79
|
-
You are able to turn
|
79
|
+
You are able to turn off ssl redirects by adding the following environment configuration file:
|
80
80
|
|
81
81
|
SslRequirement.disable_ssl_check = true
|
82
82
|
|
@@ -85,24 +85,24 @@ addng the following to the environment configuration file:
|
|
85
85
|
|
86
86
|
SslRequirement.redirect_status = :moved_permanently
|
87
87
|
|
88
|
-
P.S.: Beware when you include the SslRequirement module. At the time of
|
89
|
-
inclusion, it'll add the before_filter that validates the declarations. Some
|
90
|
-
times you'll want to run other
|
88
|
+
P.S.: Beware when you include the `SslRequirement` module. At the time of
|
89
|
+
inclusion, it'll add the `before_filter` that validates the declarations. Some
|
90
|
+
times you'll want to run other `before_filter`s before that. They should then be
|
91
91
|
declared ahead of including this module.
|
92
92
|
|
93
93
|
SSL URL Helper
|
94
94
|
==============
|
95
|
-
This plugin also adds a helper a
|
96
|
-
allows you to set a url as secure or not secure. It uses the disable_ssl_check to determine
|
95
|
+
This plugin also adds a helper a `:secure` option to `url_for` and `named_routes`. This property
|
96
|
+
allows you to set a url as secure or not secure. It uses the `disable_ssl_check` to determine
|
97
97
|
if the option should be ignored or not so you can develop as normal. It also
|
98
|
-
will obey if you override SslRequirement.ssl_host or
|
99
|
-
SslRequirement.non_ssl_host (see above)
|
98
|
+
will obey if you override `SslRequirement.ssl_host` or
|
99
|
+
`SslRequirement.non_ssl_host` (see above)
|
100
100
|
|
101
101
|
Here is an example of creating a secure url:
|
102
102
|
|
103
103
|
<%= url_for(:controller => "c", :action => "a", :secure => true) %>
|
104
104
|
|
105
|
-
If disable_ssl_check returns false url_for will return the following:
|
105
|
+
If `disable_ssl_check` returns false `url_for` will return the following:
|
106
106
|
|
107
107
|
https://yoursite.com/c/a
|
108
108
|
|
@@ -122,32 +122,6 @@ Furthermore, you can use the secure option in a named route to create a secure f
|
|
122
122
|
</p>
|
123
123
|
<% end -%>
|
124
124
|
|
125
|
-
Testing with Shoulda
|
126
|
-
====================
|
127
|
-
|
128
|
-
If you are using Shoulda, a few contexts and macros are provided:
|
129
|
-
|
130
|
-
class RegistrationsControllerTest < ActionController::TestCase
|
131
|
-
without_ssl_context do
|
132
|
-
context "GET to :new" do
|
133
|
-
setup do
|
134
|
-
get :new
|
135
|
-
end
|
136
|
-
should_redirect_to_ssl
|
137
|
-
end
|
138
|
-
end
|
139
|
-
|
140
|
-
with_ssl_context do
|
141
|
-
context "GET to :new" do
|
142
|
-
setup do
|
143
|
-
get :new
|
144
|
-
end
|
145
|
-
# your usual testing goes here
|
146
|
-
end
|
147
|
-
end
|
148
|
-
end
|
149
|
-
|
150
|
-
|
151
125
|
Copyright
|
152
126
|
=========
|
153
127
|
|
data/Rakefile
CHANGED
@@ -5,20 +5,6 @@ require 'rake/testtask'
|
|
5
5
|
desc "Run the unit tests"
|
6
6
|
task :default => 'test'
|
7
7
|
|
8
|
-
begin
|
9
|
-
require 'jeweler'
|
10
|
-
Jeweler::Tasks.new do |gemspec|
|
11
|
-
gemspec.name = "bartt-ssl_requirement"
|
12
|
-
gemspec.summary = "Allow controller actions to force SSL on specific parts of the site."
|
13
|
-
gemspec.description = "SSL requirement adds a declarative way of specifying that certain actions should only be allowed to run under SSL, and if they're accessed without it, they should be redirected."
|
14
|
-
gemspec.email = 'bart@thecodemill.biz'
|
15
|
-
gemspec.homepage = 'http://github.com/bartt/ssl_requirement'
|
16
|
-
gemspec.authors = ['RailsJedi', 'David Heinemeier Hansson', 'jcnetdev', 'bcurren', 'bmpercy','revo','nathany', 'bartt', 'Thorben Schröder']
|
17
|
-
end
|
18
|
-
rescue LoadError
|
19
|
-
puts "Jeweler not available. Install it with: gem install jeweler"
|
20
|
-
end
|
21
|
-
|
22
8
|
Rake::TestTask.new(:test) do |t|
|
23
9
|
t.pattern = 'test/**/*_test.rb'
|
24
10
|
t.ruby_opts << '-rubygems'
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.4.0
|
@@ -1,51 +1,27 @@
|
|
1
|
-
# Generated by jeweler
|
2
|
-
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
-
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
4
1
|
# -*- encoding: utf-8 -*-
|
5
|
-
|
6
2
|
Gem::Specification.new do |s|
|
7
|
-
s.name =
|
8
|
-
s.version =
|
9
|
-
|
10
|
-
s.
|
11
|
-
s.
|
12
|
-
s.
|
13
|
-
s.description =
|
14
|
-
s.email =
|
3
|
+
s.name = "bartt-ssl_requirement"
|
4
|
+
s.version = `cat VERSION`.strip
|
5
|
+
s.required_rubygems_version = ">= 1.3.6"
|
6
|
+
s.authors = [%q{RailsJedi}, %q{David Heinemeier Hansson}, %q{jcnetdev}, %q{bcurren}, %q{bmpercy}, %q{revo}, %q{nathany}, %q{bartt}, %q{Thorben Schröder}]
|
7
|
+
s.homepage = "https://github.com/bartt/ssl_requirement"
|
8
|
+
s.summary = "Allow controller actions to force SSL on specific parts of the site."
|
9
|
+
s.description = "SSL requirement adds a declarative way of specifying that certain actions should only be allowed to run under SSL, and if they're accessed without it, they should be redirected."
|
10
|
+
s.email = "bart@thecodemill.biz"
|
15
11
|
s.extra_rdoc_files = [
|
16
|
-
"README"
|
12
|
+
"README.md"
|
17
13
|
]
|
18
14
|
s.files = [
|
19
|
-
".
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
"rails/init.rb",
|
28
|
-
"shoulda_macros/ssl_requirement_macros.rb",
|
29
|
-
"test/ssl_requirement_test.rb",
|
30
|
-
"test/url_for_test.rb"
|
31
|
-
]
|
32
|
-
s.homepage = %q{http://github.com/bartt/ssl_requirement}
|
33
|
-
s.rdoc_options = ["--charset=UTF-8"]
|
34
|
-
s.require_paths = ["lib"]
|
35
|
-
s.rubygems_version = %q{1.6.2}
|
36
|
-
s.summary = %q{Allow controller actions to force SSL on specific parts of the site.}
|
37
|
-
s.test_files = [
|
15
|
+
"README.md",
|
16
|
+
"Rakefile",
|
17
|
+
"VERSION",
|
18
|
+
"bartt-ssl_requirement.gemspec",
|
19
|
+
"init.rb",
|
20
|
+
"lib/ssl_requirement.rb",
|
21
|
+
"lib/url_for.rb",
|
22
|
+
"rails/init.rb",
|
38
23
|
"test/ssl_requirement_test.rb",
|
39
|
-
|
24
|
+
"test/url_for_test.rb"
|
40
25
|
]
|
41
|
-
|
42
|
-
|
43
|
-
s.specification_version = 3
|
44
|
-
|
45
|
-
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
46
|
-
else
|
47
|
-
end
|
48
|
-
else
|
49
|
-
end
|
50
|
-
end
|
51
|
-
|
26
|
+
s.require_path = "lib"
|
27
|
+
end
|
data/lib/ssl_requirement.rb
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
require "#{File.dirname(__FILE__)}/url_for"
|
2
|
+
require "active_support/core_ext/class"
|
2
3
|
|
3
4
|
# Copyright (c) 2005 David Heinemeier Hansson
|
4
5
|
#
|
@@ -29,7 +30,7 @@ module SslRequirement
|
|
29
30
|
end
|
30
31
|
|
31
32
|
def self.ssl_port
|
32
|
-
@@ssl_port ||=
|
33
|
+
@@ssl_port ||= 443
|
33
34
|
end
|
34
35
|
|
35
36
|
def self.non_ssl_host
|
@@ -127,7 +128,7 @@ module SslRequirement
|
|
127
128
|
request_port = request.port
|
128
129
|
|
129
130
|
if ssl
|
130
|
-
"#{(ssl_host || request_host)}#{
|
131
|
+
"#{(ssl_host || request_host)}#{determine_port_string(request_port || ssl_port)}"
|
131
132
|
else
|
132
133
|
"#{(non_ssl_host || request_host)}#{determine_port_string(request_port)}"
|
133
134
|
end
|
data/lib/url_for.rb
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
require 'action_dispatch/routing/route_set'
|
2
|
+
require 'active_support/core_ext/module/aliasing'
|
2
3
|
|
3
4
|
module ActionDispatch
|
4
5
|
module Routing
|
@@ -44,6 +45,9 @@ module ActionDispatch
|
|
44
45
|
end
|
45
46
|
|
46
47
|
# want with_secure_option to get run first (so chain it last)
|
48
|
+
# Can't use method overriding using modules as RoutSet#url_for is defined directly in
|
49
|
+
# the class and not in a (Base) module. See http://stackoverflow.com/questions/3689736/rails-3-alias-method-chain-still-used
|
50
|
+
# for a good discussion.
|
47
51
|
alias_method_chain :url_for, :non_ssl_host
|
48
52
|
alias_method_chain :url_for, :secure_option
|
49
53
|
end
|
@@ -1,47 +1,24 @@
|
|
1
|
-
require 'set'
|
2
|
-
require 'rubygems'
|
3
|
-
require 'active_support'
|
4
|
-
begin
|
5
|
-
require 'action_controller'
|
6
|
-
rescue LoadError
|
7
|
-
if ENV['ACTIONCONTROLLER_PATH'].nil?
|
8
|
-
abort <<MSG
|
9
|
-
Please set the ACTIONCONTROLLER_PATH environment variable to the directory
|
10
|
-
containing the action_controller.rb file.
|
11
|
-
MSG
|
12
|
-
else
|
13
|
-
$LOAD_PATH.unshift ENV['ACTIONCONTROLLER_PATH']
|
14
|
-
begin
|
15
|
-
require 'action_controller'
|
16
|
-
rescue LoadError
|
17
|
-
abort "ActionController could not be found."
|
18
|
-
end
|
19
|
-
end
|
20
|
-
end
|
21
|
-
$:.unshift(File.dirname(__FILE__) + '/../lib')
|
22
|
-
|
23
|
-
require 'action_dispatch/testing/test_process'
|
24
1
|
require 'test/unit'
|
25
|
-
require
|
2
|
+
require 'action_controller'
|
26
3
|
|
27
|
-
|
28
|
-
|
4
|
+
$:.unshift(File.dirname(__FILE__) + '/../lib')
|
5
|
+
require "ssl_requirement"
|
29
6
|
|
30
7
|
# several test controllers to cover different combinations of requiring/
|
31
8
|
# allowing/exceptions-ing SSL for controller actions
|
32
9
|
|
33
|
-
# this first controller modifies the flash in every action so that flash
|
34
|
-
# set in set_flash is eventually expired (see NOTE below...)
|
35
|
-
|
36
10
|
ROUTES = ActionDispatch::Routing::RouteSet.new
|
37
11
|
ROUTES.draw do
|
38
12
|
match ':controller(/:action(/:id(.:format)))'
|
39
13
|
end
|
40
14
|
ROUTES.finalize!
|
41
15
|
|
16
|
+
# this first controller modifies the flash in every action so that flash
|
17
|
+
# set in set_flash is eventually expired (see NOTE below...)
|
42
18
|
|
43
19
|
class SslRequirementController < ActionController::Base
|
44
20
|
include SslRequirement
|
21
|
+
include ROUTES.url_helpers
|
45
22
|
|
46
23
|
ssl_required :a, :b
|
47
24
|
ssl_allowed :c
|
@@ -78,6 +55,7 @@ end
|
|
78
55
|
|
79
56
|
class SslExceptionController < ActionController::Base
|
80
57
|
include SslRequirement
|
58
|
+
include ROUTES.url_helpers
|
81
59
|
|
82
60
|
ssl_required :a
|
83
61
|
ssl_exceptions :b
|
@@ -106,6 +84,7 @@ end
|
|
106
84
|
|
107
85
|
class SslAllActionsController < ActionController::Base
|
108
86
|
include SslRequirement
|
87
|
+
include ROUTES.url_helpers
|
109
88
|
|
110
89
|
ssl_exceptions
|
111
90
|
|
@@ -120,6 +99,7 @@ end
|
|
120
99
|
|
121
100
|
class SslAllowAllActionsController < ActionController::Base
|
122
101
|
include SslRequirement
|
102
|
+
include ROUTES.url_helpers
|
123
103
|
|
124
104
|
ssl_allowed :all
|
125
105
|
|
@@ -161,8 +141,7 @@ end
|
|
161
141
|
|
162
142
|
class SslRequirementTest < ActionController::TestCase
|
163
143
|
def setup
|
164
|
-
@routes =
|
165
|
-
|
144
|
+
@routes = ROUTES
|
166
145
|
@controller = SslRequirementController.new
|
167
146
|
@ssl_host_override = 'www.example.com:80443'
|
168
147
|
@non_ssl_host_override = 'www.example.com:8080'
|
data/test/url_for_test.rb
CHANGED
@@ -1,85 +1,77 @@
|
|
1
1
|
$:.unshift(File.dirname(__FILE__) + '/../lib')
|
2
2
|
|
3
|
-
require 'rubygems'
|
4
3
|
require 'test/unit'
|
5
4
|
require 'action_controller'
|
6
|
-
require 'action_controller/test_process'
|
7
5
|
|
8
6
|
require "ssl_requirement"
|
9
7
|
|
10
|
-
# Show backtraces for deprecated behavior for quicker cleanup.
|
11
|
-
ActiveSupport::Deprecation.debug = true
|
12
|
-
ActionController::Base.logger = nil
|
13
|
-
ActionController::Routing::Routes.reload rescue nil
|
14
|
-
|
15
8
|
class UrlRewriterTest < Test::Unit::TestCase
|
16
9
|
def setup
|
17
|
-
@
|
18
|
-
@
|
19
|
-
@
|
20
|
-
|
10
|
+
@routes = ActionDispatch::Routing::RouteSet.new
|
11
|
+
@routes.default_url_options[:host] = 'test.host'
|
12
|
+
@routes.draw do
|
13
|
+
match ':controller(/:action(/:id(.:format)))'
|
14
|
+
end
|
21
15
|
@ssl_host_override = "www.example.com:80443"
|
22
16
|
@non_ssl_host_override = "www.example.com:8080"
|
23
17
|
|
24
18
|
SslRequirement.ssl_host = nil
|
25
19
|
SslRequirement.non_ssl_host = nil
|
26
|
-
|
27
|
-
# puts @url_rewriter.to_s
|
28
20
|
end
|
29
21
|
|
30
22
|
def test_rewrite_secure_false
|
31
23
|
SslRequirement.disable_ssl_check = false
|
32
24
|
assert_equal('http://test.host/c/a',
|
33
|
-
@
|
25
|
+
@routes.url_for(:controller => 'c', :action => 'a', :secure => false)
|
34
26
|
)
|
35
27
|
assert_equal('/c/a',
|
36
|
-
@
|
28
|
+
@routes.url_for(:controller => 'c', :action => 'a', :secure => false,
|
37
29
|
:only_path => true)
|
38
30
|
)
|
39
|
-
|
31
|
+
|
40
32
|
SslRequirement.disable_ssl_check = true
|
41
33
|
assert_equal('http://test.host/c/a',
|
42
|
-
@
|
34
|
+
@routes.url_for(:controller => 'c', :action => 'a', :secure => false)
|
43
35
|
)
|
44
36
|
assert_equal('/c/a',
|
45
|
-
@
|
37
|
+
@routes.url_for(:controller => 'c', :action => 'a', :secure => false,
|
46
38
|
:only_path => true)
|
47
39
|
)
|
48
40
|
end
|
49
|
-
|
41
|
+
|
50
42
|
def test_rewrite_secure_true
|
51
43
|
SslRequirement.disable_ssl_check = false
|
52
44
|
assert_equal('https://test.host/c/a',
|
53
|
-
@
|
45
|
+
@routes.url_for(:controller => 'c', :action => 'a', :secure => true)
|
54
46
|
)
|
55
47
|
assert_equal('https://test.host/c/a',
|
56
|
-
@
|
48
|
+
@routes.url_for(:controller => 'c', :action => 'a', :secure => true, :only_path => true)
|
57
49
|
)
|
58
|
-
|
50
|
+
|
59
51
|
SslRequirement.disable_ssl_check = true
|
60
52
|
assert_equal('http://test.host/c/a',
|
61
|
-
@
|
53
|
+
@routes.url_for(:controller => 'c', :action => 'a', :secure => true)
|
62
54
|
)
|
63
55
|
assert_equal('/c/a',
|
64
|
-
@
|
56
|
+
@routes.url_for(:controller => 'c', :action => 'a', :secure => true, :only_path => true)
|
65
57
|
)
|
66
58
|
end
|
67
|
-
|
59
|
+
|
68
60
|
def test_rewrite_secure_not_specified
|
69
61
|
SslRequirement.disable_ssl_check = false
|
70
62
|
assert_equal('http://test.host/c/a',
|
71
|
-
@
|
63
|
+
@routes.url_for(:controller => 'c', :action => 'a')
|
72
64
|
)
|
73
65
|
assert_equal('/c/a',
|
74
|
-
@
|
66
|
+
@routes.url_for(:controller => 'c', :action => 'a', :only_path => true)
|
75
67
|
)
|
76
|
-
|
68
|
+
|
77
69
|
SslRequirement.disable_ssl_check = true
|
78
70
|
assert_equal('http://test.host/c/a',
|
79
|
-
@
|
71
|
+
@routes.url_for(:controller => 'c', :action => 'a')
|
80
72
|
)
|
81
73
|
assert_equal('/c/a',
|
82
|
-
@
|
74
|
+
@routes.url_for(:controller => 'c', :action => 'a', :only_path => true)
|
83
75
|
)
|
84
76
|
end
|
85
77
|
|
@@ -89,10 +81,10 @@ class UrlRewriterTest < Test::Unit::TestCase
|
|
89
81
|
SslRequirement.disable_ssl_check = false
|
90
82
|
SslRequirement.ssl_host = @ssl_host_override
|
91
83
|
assert_equal("https://#{@ssl_host_override}/c/a",
|
92
|
-
@
|
84
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
93
85
|
:secure => true))
|
94
86
|
assert_equal("https://#{@ssl_host_override}/c/a",
|
95
|
-
@
|
87
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
96
88
|
:secure => true, :only_path => true))
|
97
89
|
SslRequirement.ssl_host = nil
|
98
90
|
end
|
@@ -103,17 +95,17 @@ class UrlRewriterTest < Test::Unit::TestCase
|
|
103
95
|
|
104
96
|
# with secure option
|
105
97
|
assert_equal("http://#{@non_ssl_host_override}/c/a",
|
106
|
-
@
|
98
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
107
99
|
:secure => false))
|
108
100
|
assert_equal("/c/a",
|
109
|
-
@
|
101
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
110
102
|
:secure => false, :only_path => true))
|
111
103
|
|
112
104
|
# without secure option
|
113
105
|
assert_equal("http://#{@non_ssl_host_override}/c/a",
|
114
|
-
@
|
106
|
+
@routes.url_for(:controller => 'c', :action => 'a'))
|
115
107
|
assert_equal("/c/a",
|
116
|
-
@
|
108
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
117
109
|
:only_path => true))
|
118
110
|
SslRequirement.non_ssl_host = nil
|
119
111
|
end
|
@@ -124,30 +116,30 @@ class UrlRewriterTest < Test::Unit::TestCase
|
|
124
116
|
|
125
117
|
# with secure option
|
126
118
|
assert_equal("http://#{@non_ssl_host_override}/c/a",
|
127
|
-
@
|
119
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
128
120
|
:secure => false))
|
129
121
|
assert_equal("/c/a",
|
130
|
-
@
|
122
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
131
123
|
:secure => false, :only_path => true))
|
132
124
|
|
133
125
|
# without secure option
|
134
126
|
assert_equal("http://#{@non_ssl_host_override}/c/a",
|
135
|
-
@
|
127
|
+
@routes.url_for(:controller => 'c', :action => 'a'))
|
136
128
|
assert_equal("/c/a",
|
137
|
-
@
|
129
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
138
130
|
:only_path => true))
|
139
131
|
SslRequirement.non_ssl_host = nil
|
140
132
|
end
|
141
|
-
|
133
|
+
|
142
134
|
# tests for ssl_host overriding with Procs
|
143
|
-
|
135
|
+
|
144
136
|
def test_rewrite_secure_with_ssl_host_proc
|
145
137
|
SslRequirement.disable_ssl_check = false
|
146
138
|
SslRequirement.ssl_host = Proc.new do
|
147
139
|
@ssl_host_override
|
148
140
|
end
|
149
141
|
assert_equal("https://#{@ssl_host_override}/c/a",
|
150
|
-
@
|
142
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
151
143
|
:secure => true))
|
152
144
|
SslRequirement.ssl_host = nil
|
153
145
|
end
|
@@ -159,11 +151,11 @@ class UrlRewriterTest < Test::Unit::TestCase
|
|
159
151
|
end
|
160
152
|
# with secure option
|
161
153
|
assert_equal("http://#{@non_ssl_host_override}/c/a",
|
162
|
-
@
|
154
|
+
@routes.url_for(:controller => 'c', :action => 'a',
|
163
155
|
:secure => false))
|
164
156
|
# without secure option
|
165
157
|
assert_equal("http://#{@non_ssl_host_override}/c/a",
|
166
|
-
@
|
158
|
+
@routes.url_for(:controller => 'c', :action => 'a'))
|
167
159
|
SslRequirement.non_ssl_host = nil
|
168
160
|
end
|
169
161
|
end
|
metadata
CHANGED
@@ -1,15 +1,10 @@
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
2
|
name: bartt-ssl_requirement
|
3
|
-
version: !ruby/object:Gem::Version
|
4
|
-
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.4.0
|
5
5
|
prerelease:
|
6
|
-
segments:
|
7
|
-
- 1
|
8
|
-
- 3
|
9
|
-
- 1
|
10
|
-
version: 1.3.1
|
11
6
|
platform: ruby
|
12
|
-
authors:
|
7
|
+
authors:
|
13
8
|
- RailsJedi
|
14
9
|
- David Heinemeier Hansson
|
15
10
|
- jcnetdev
|
@@ -18,26 +13,22 @@ authors:
|
|
18
13
|
- revo
|
19
14
|
- nathany
|
20
15
|
- bartt
|
21
|
-
-
|
16
|
+
- Thorben Schröder
|
22
17
|
autorequire:
|
23
18
|
bindir: bin
|
24
19
|
cert_chain: []
|
25
|
-
|
26
|
-
date: 2011-09-06 00:00:00 -07:00
|
27
|
-
default_executable:
|
20
|
+
date: 2011-12-22 00:00:00.000000000 Z
|
28
21
|
dependencies: []
|
29
|
-
|
30
|
-
|
22
|
+
description: SSL requirement adds a declarative way of specifying that certain actions
|
23
|
+
should only be allowed to run under SSL, and if they're accessed without it, they
|
24
|
+
should be redirected.
|
31
25
|
email: bart@thecodemill.biz
|
32
26
|
executables: []
|
33
|
-
|
34
27
|
extensions: []
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
- .gitignore
|
40
|
-
- README
|
28
|
+
extra_rdoc_files:
|
29
|
+
- README.md
|
30
|
+
files:
|
31
|
+
- README.md
|
41
32
|
- Rakefile
|
42
33
|
- VERSION
|
43
34
|
- bartt-ssl_requirement.gemspec
|
@@ -45,43 +36,30 @@ files:
|
|
45
36
|
- lib/ssl_requirement.rb
|
46
37
|
- lib/url_for.rb
|
47
38
|
- rails/init.rb
|
48
|
-
- shoulda_macros/ssl_requirement_macros.rb
|
49
39
|
- test/ssl_requirement_test.rb
|
50
40
|
- test/url_for_test.rb
|
51
|
-
|
52
|
-
homepage: http://github.com/bartt/ssl_requirement
|
41
|
+
homepage: https://github.com/bartt/ssl_requirement
|
53
42
|
licenses: []
|
54
|
-
|
55
43
|
post_install_message:
|
56
|
-
rdoc_options:
|
57
|
-
|
58
|
-
require_paths:
|
44
|
+
rdoc_options: []
|
45
|
+
require_paths:
|
59
46
|
- lib
|
60
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
47
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
61
48
|
none: false
|
62
|
-
requirements:
|
63
|
-
- -
|
64
|
-
- !ruby/object:Gem::Version
|
65
|
-
|
66
|
-
|
67
|
-
- 0
|
68
|
-
version: "0"
|
69
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
49
|
+
requirements:
|
50
|
+
- - ! '>='
|
51
|
+
- !ruby/object:Gem::Version
|
52
|
+
version: '0'
|
53
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
70
54
|
none: false
|
71
|
-
requirements:
|
72
|
-
- -
|
73
|
-
- !ruby/object:Gem::Version
|
74
|
-
|
75
|
-
segments:
|
76
|
-
- 0
|
77
|
-
version: "0"
|
55
|
+
requirements:
|
56
|
+
- - ! '>='
|
57
|
+
- !ruby/object:Gem::Version
|
58
|
+
version: 1.3.6
|
78
59
|
requirements: []
|
79
|
-
|
80
60
|
rubyforge_project:
|
81
|
-
rubygems_version: 1.
|
61
|
+
rubygems_version: 1.8.10
|
82
62
|
signing_key:
|
83
63
|
specification_version: 3
|
84
64
|
summary: Allow controller actions to force SSL on specific parts of the site.
|
85
|
-
test_files:
|
86
|
-
- test/ssl_requirement_test.rb
|
87
|
-
- test/url_for_test.rb
|
65
|
+
test_files: []
|
data/.gitignore
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
*.gem
|
@@ -1,31 +0,0 @@
|
|
1
|
-
Test::Unit::TestCase.class_eval do
|
2
|
-
def self.without_ssl_context
|
3
|
-
context "without ssl" do
|
4
|
-
setup do
|
5
|
-
@request.env['HTTPS'] = nil
|
6
|
-
end
|
7
|
-
|
8
|
-
context "" do
|
9
|
-
yield
|
10
|
-
end
|
11
|
-
end
|
12
|
-
end
|
13
|
-
|
14
|
-
def self.with_ssl_context
|
15
|
-
context "with ssl" do
|
16
|
-
setup do
|
17
|
-
@request.env['HTTPS'] = 'on'
|
18
|
-
end
|
19
|
-
|
20
|
-
context "" do
|
21
|
-
yield
|
22
|
-
end
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
def self.should_redirect_to_ssl
|
27
|
-
should 'redirect to ssl' do
|
28
|
-
assert_redirected_to "https://" + @request.host + @request.request_uri
|
29
|
-
end
|
30
|
-
end
|
31
|
-
end
|