bartt-ssl_requirement 1.4.1 → 1.4.2

Sign up to get free protection for your applications and to get access to all the features.
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.4.1
1
+ 1.4.2
@@ -24,7 +24,8 @@ require "active_support/core_ext/class"
24
24
  module SslRequirement
25
25
  extend ActiveSupport::Concern
26
26
 
27
- mattr_writer :ssl_host, :ssl_port, :non_ssl_host, :disable_ssl_check
27
+ mattr_writer :ssl_host, :ssl_port, :non_ssl_host, :non_ssl_port,
28
+ :disable_ssl_check
28
29
  mattr_accessor :redirect_status
29
30
 
30
31
  def self.ssl_host
@@ -39,6 +40,10 @@ module SslRequirement
39
40
  determine_host(@@non_ssl_host) rescue nil
40
41
  end
41
42
 
43
+ def self.non_ssl_port
44
+ @@non_ssl_port ||= 80
45
+ end
46
+
42
47
  # mattr_reader would generate both ssl_host and self.ssl_host
43
48
  def ssl_host
44
49
  SslRequirement.ssl_host
@@ -52,6 +57,10 @@ module SslRequirement
52
57
  SslRequirement.non_ssl_host
53
58
  end
54
59
 
60
+ def non_ssl_port
61
+ SslRequirement.non_ssl_port
62
+ end
63
+
55
64
  def self.disable_ssl_check?
56
65
  @@disable_ssl_check ||= false
57
66
  end
@@ -135,10 +144,28 @@ module SslRequirement
135
144
  request_port = request.port
136
145
 
137
146
  if ssl
138
- "#{(ssl_host || request_host)}#{determine_port_string(request_port || ssl_port)}"
147
+ "#{ssl_host || request_host}#{determine_ssl_port_string request.port}"
148
+ else
149
+ "#{non_ssl_host || request_host}#{determine_non_ssl_port_string request.port}"
150
+ end
151
+ end
152
+
153
+ def determine_ssl_port_string(request_port)
154
+ if request_port == non_ssl_port
155
+ port = ssl_port
156
+ else
157
+ port = request_port || ssl_port
158
+ end
159
+ determine_port_string port
160
+ end
161
+
162
+ def determine_non_ssl_port_string(request_port)
163
+ if request_port == ssl_port
164
+ port = non_ssl_port
139
165
  else
140
- "#{(non_ssl_host || request_host)}#{determine_port_string(request_port)}"
166
+ port = request_port || non_ssl_port
141
167
  end
168
+ determine_port_string port
142
169
  end
143
170
 
144
171
  def self.determine_host(host)
@@ -159,6 +159,20 @@ class SslRequirementTest < ActionController::TestCase
159
159
  assert_match %r{^https://.*:4567/}, @response.headers['Location']
160
160
  end
161
161
 
162
+ def test_redirect_to_https_ignores_known_non_ssl_port
163
+ SslRequirement.non_ssl_port = 4567
164
+
165
+ assert_not_equal "on", @request.env["HTTPS"]
166
+ @request.host = 'www.example.com:4567'
167
+ @request.port = 4567
168
+
169
+ get :b
170
+ assert_response :redirect
171
+ assert_match %r{^https://.+\.com/}, @response.headers['Location']
172
+
173
+ SslRequirement.non_ssl_port = 80
174
+ end
175
+
162
176
  def test_redirect_to_https_does_not_preserve_normal_port
163
177
  assert_not_equal "on", @request.env["HTTPS"]
164
178
  get :b
@@ -166,6 +180,32 @@ class SslRequirementTest < ActionController::TestCase
166
180
  assert_match %r{^https://.*[^:]/}, @response.headers['Location']
167
181
  end
168
182
 
183
+ def redirect_to_http_preserves_non_normal_port
184
+ @request.env['HTTPS'] = "on"
185
+ @request.host = 'www.example.com:4567'
186
+ @request.port = 4567
187
+
188
+ get :d
189
+
190
+ assert_response :redirect
191
+ assert_match %r{^http://.*:4567/}, @response.headers['Location']
192
+ end
193
+
194
+ def test_redirect_to_http_ignores_known_ssl_port
195
+ SslRequirement.ssl_port = 6789
196
+
197
+ @request.env['HTTPS'] = "on"
198
+ @request.host = 'www.example.com:6789'
199
+ @request.port = 6789
200
+
201
+ get :d
202
+
203
+ assert_response :redirect
204
+ assert_match %r{^http://.*\.com/}, @response.headers['Location']
205
+
206
+ SslRequirement.ssl_port = 443
207
+ end
208
+
169
209
  # flash-related tests
170
210
 
171
211
  def test_redirect_to_https_preserves_flash
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bartt-ssl_requirement
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.1
4
+ version: 1.4.2
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -17,7 +17,7 @@ authors:
17
17
  autorequire:
18
18
  bindir: bin
19
19
  cert_chain: []
20
- date: 2012-01-03 00:00:00.000000000 Z
20
+ date: 2012-03-24 00:00:00.000000000 Z
21
21
  dependencies: []
22
22
  description: SSL requirement adds a declarative way of specifying that certain actions
23
23
  should only be allowed to run under SSL, and if they're accessed without it, they
@@ -58,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
58
58
  version: 1.3.6
59
59
  requirements: []
60
60
  rubyforge_project:
61
- rubygems_version: 1.8.6
61
+ rubygems_version: 1.8.10
62
62
  signing_key:
63
63
  specification_version: 3
64
64
  summary: Allow controller actions to force SSL on specific parts of the site.