panmind-sslhelper 0.8.2 → 0.9.2
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +30 -7
- data/Rakefile +6 -6
- data/lib/panmind/ssl_helper.rb +53 -30
- data/lib/panmind/ssl_helper/railtie.rb +11 -1
- data/rails/init.rb +1 -1
- metadata +41 -51
data/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
SSLHelper: an SSL plugin for Rails
|
|
2
|
-
|
|
1
|
+
SSLHelper: an SSL plugin for Rails 3
|
|
2
|
+
====================================
|
|
3
3
|
|
|
4
4
|
Purpose
|
|
5
5
|
-------
|
|
@@ -17,7 +17,7 @@ Via RubyGems:
|
|
|
17
17
|
|
|
18
18
|
Or via Rails Plugin:
|
|
19
19
|
|
|
20
|
-
|
|
20
|
+
rails plugin install git://github.com/Panmind/ssl_helper.git
|
|
21
21
|
|
|
22
22
|
Usage
|
|
23
23
|
-----
|
|
@@ -66,7 +66,7 @@ tests (e.g. use them in your `setup` method).
|
|
|
66
66
|
Compatibility
|
|
67
67
|
-------------
|
|
68
68
|
|
|
69
|
-
Tested with Rails
|
|
69
|
+
Tested with Rails 3.0.3 running under Ruby 1.9.2p0
|
|
70
70
|
|
|
71
71
|
|
|
72
72
|
Server configuration
|
|
@@ -74,8 +74,11 @@ Server configuration
|
|
|
74
74
|
|
|
75
75
|
The plugin relies on the HTTPS server variable, that is set automatically by
|
|
76
76
|
Rails if the `X-Forwarded-Proto` header is set to `https`. To avoid clients
|
|
77
|
-
setting that header, take care to add
|
|
78
|
-
|
|
77
|
+
setting that header, take care to add the corresponding configuration for your web server.
|
|
78
|
+
|
|
79
|
+
Nginx
|
|
80
|
+
=====
|
|
81
|
+
Set `proxy_set_header` in your nginx config file, such as:
|
|
79
82
|
|
|
80
83
|
server {
|
|
81
84
|
listen 80;
|
|
@@ -97,4 +100,24 @@ config file, such as:
|
|
|
97
100
|
}
|
|
98
101
|
}
|
|
99
102
|
|
|
100
|
-
|
|
103
|
+
|
|
104
|
+
Apache
|
|
105
|
+
=====
|
|
106
|
+
Set RequestHeader in your apache sites, such as:
|
|
107
|
+
|
|
108
|
+
<VirtualHost *:80>
|
|
109
|
+
|
|
110
|
+
...
|
|
111
|
+
|
|
112
|
+
RequestHeader set X_FORWARDED_PROTO 'http'
|
|
113
|
+
</VirtualHost>
|
|
114
|
+
|
|
115
|
+
|
|
116
|
+
<IfModule mod_ssl.c>
|
|
117
|
+
<VirtualHost *:443>
|
|
118
|
+
|
|
119
|
+
...
|
|
120
|
+
|
|
121
|
+
RequestHeader set X_FORWARDED_PROTO 'https'
|
|
122
|
+
</VirtualHost>
|
|
123
|
+
</IfModule>
|
data/Rakefile
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
require 'rake'
|
|
2
|
-
require '
|
|
2
|
+
require 'rdoc/task'
|
|
3
3
|
|
|
4
|
-
require 'lib/panmind/ssl_helper'
|
|
4
|
+
require './lib/panmind/ssl_helper'
|
|
5
5
|
|
|
6
6
|
begin
|
|
7
7
|
require 'jeweler'
|
|
@@ -14,8 +14,8 @@ begin
|
|
|
14
14
|
'and named route counterparts (e.g. ssl_login_url) to clean up your '\
|
|
15
15
|
'view and controller code. HTTP(S) ports are configurable.'
|
|
16
16
|
|
|
17
|
-
gemspec.authors = ['Marcello Barnaba']
|
|
18
|
-
gemspec.email = 'vjt@openssl.it'
|
|
17
|
+
gemspec.authors = ['Marcello Barnaba', 'Fabrizio Regini']
|
|
18
|
+
gemspec.email = ['vjt@openssl.it', 'freegenie@gmail.com']
|
|
19
19
|
gemspec.homepage = 'http://github.com/Panmind/ssl_helper'
|
|
20
20
|
|
|
21
21
|
gemspec.files = %w( README.md Rakefile rails/init.rb ) + Dir['lib/**/*']
|
|
@@ -23,11 +23,11 @@ begin
|
|
|
23
23
|
gemspec.has_rdoc = true
|
|
24
24
|
|
|
25
25
|
gemspec.version = Panmind::SSLHelper::Version
|
|
26
|
-
gemspec.date = '
|
|
26
|
+
gemspec.date = '2012-02-12'
|
|
27
27
|
|
|
28
28
|
gemspec.require_path = 'lib'
|
|
29
29
|
|
|
30
|
-
gemspec.add_dependency
|
|
30
|
+
gemspec.add_dependency 'rails', '~> 3.0'
|
|
31
31
|
end
|
|
32
32
|
rescue LoadError
|
|
33
33
|
puts 'Jeweler not available. Install it with: gem install jeweler'
|
data/lib/panmind/ssl_helper.rb
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
|
+
require 'panmind/ssl_helper/railtie' if defined? Rails
|
|
2
|
+
|
|
1
3
|
module Panmind
|
|
2
4
|
module SSLHelper
|
|
3
|
-
Version = '0.
|
|
5
|
+
Version = '0.9.2'
|
|
4
6
|
|
|
5
7
|
WITH_SSL = {:protocol => 'https'}
|
|
6
8
|
WITHOUT_SSL = {:protocol => 'http' }
|
|
@@ -19,30 +21,39 @@ module Panmind
|
|
|
19
21
|
end
|
|
20
22
|
|
|
21
23
|
module Routing
|
|
22
|
-
def
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
24
|
+
def self.included(base)
|
|
25
|
+
base.instance_eval do
|
|
26
|
+
alias_method_chain :finalize!, :ssl
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
Classes = [
|
|
31
|
+
ActionController::Base,
|
|
32
|
+
ActionController::Integration::Session,
|
|
33
|
+
ActionController::TestCase,
|
|
34
|
+
|
|
35
|
+
ActionView::Base
|
|
36
|
+
] if defined? Rails
|
|
37
|
+
|
|
38
|
+
def finalize_with_ssl!
|
|
39
|
+
helpers = create_ssl_helpers
|
|
40
|
+
return unless helpers # Not ready yet.
|
|
41
|
+
|
|
42
|
+
return if Classes.first.included_modules.include? helpers
|
|
43
|
+
|
|
44
|
+
# Include the helper_module into each class to patch.
|
|
45
|
+
#
|
|
46
|
+
Classes.each {|k| k.instance_eval { include helpers } }
|
|
47
|
+
|
|
48
|
+
# Set the helpers as public in the AC::Integration::Session class
|
|
49
|
+
# for easy testing in the console.
|
|
50
|
+
#
|
|
51
|
+
ActionController::Integration::Session.module_eval do
|
|
52
|
+
public *helpers.instance_methods
|
|
45
53
|
end
|
|
54
|
+
|
|
55
|
+
ensure
|
|
56
|
+
finalize_without_ssl!
|
|
46
57
|
end
|
|
47
58
|
|
|
48
59
|
# Populates the @ssl_helpers module with ssl_ and plain_ helper
|
|
@@ -56,16 +67,16 @@ module Panmind
|
|
|
56
67
|
return @ssl_helpers if @ssl_helpers.frozen?
|
|
57
68
|
|
|
58
69
|
route_helpers =
|
|
59
|
-
if defined?
|
|
70
|
+
if defined? Rails.application.routes.named_routes.helpers
|
|
60
71
|
# This is a Private Rails API, so we check whether it's defined
|
|
61
72
|
# and reject all the hash_for_*() and the *_path() helpers.
|
|
62
73
|
#
|
|
63
|
-
|
|
64
|
-
reject { |h| h
|
|
74
|
+
Rails.application.routes.named_routes.helpers.
|
|
75
|
+
reject { |h| h =~ /^hash_for|path$/ }
|
|
65
76
|
else
|
|
66
77
|
# Warn the developer and fall back.
|
|
67
78
|
#
|
|
68
|
-
Rails.logger.warn "SSLHelper:
|
|
79
|
+
Rails.logger.warn "SSLHelper: Rails.application.routes.named_routes.helpers disappeared"
|
|
69
80
|
Rails.logger.warn "SSLHelper: falling back to filtering controller methods"
|
|
70
81
|
|
|
71
82
|
ac = ActionController::Base
|
|
@@ -135,11 +146,19 @@ module Panmind
|
|
|
135
146
|
|
|
136
147
|
protected
|
|
137
148
|
def ssl_required
|
|
138
|
-
|
|
149
|
+
unless request.ssl?
|
|
150
|
+
raise SSLHelper::SSLRequired unless request.get?
|
|
151
|
+
Rails.logger.info("SSL Helper: redirecting to SSL url")
|
|
152
|
+
redirect_to params.merge(WITH_SSL)
|
|
153
|
+
end
|
|
139
154
|
end
|
|
140
155
|
|
|
141
156
|
def ssl_refused
|
|
142
|
-
|
|
157
|
+
if request.ssl?
|
|
158
|
+
raise SSLHelper::SSLRefused unless request.get?
|
|
159
|
+
Rails.logger.info("SSL Helper: redirecting to non-SSL url")
|
|
160
|
+
redirect_to params.merge(WITHOUT_SSL)
|
|
161
|
+
end
|
|
143
162
|
end
|
|
144
163
|
end # Filters
|
|
145
164
|
|
|
@@ -175,5 +194,9 @@ module Panmind
|
|
|
175
194
|
@request.env.update('HTTPS' => https, 'SERVER_PORT' => port)
|
|
176
195
|
end
|
|
177
196
|
end # TestHelpers
|
|
197
|
+
|
|
198
|
+
class SSLRequired < StandardError ; end
|
|
199
|
+
class SSLRefused < StandardError ; end
|
|
200
|
+
|
|
178
201
|
end # SSLHelper
|
|
179
202
|
end # Panmind
|
|
@@ -3,9 +3,19 @@ require 'panmind/ssl_helper'
|
|
|
3
3
|
module Panmind
|
|
4
4
|
module SSLHelper
|
|
5
5
|
|
|
6
|
+
if defined? Rails::Railtie
|
|
7
|
+
class Railtie < Rails::Railtie
|
|
8
|
+
initializer 'panmind.ssl_helper.insert_into_action_controller' do
|
|
9
|
+
ActiveSupport.on_load :action_controller do
|
|
10
|
+
Panmind::SSLHelper::Railtie.insert
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
|
|
6
16
|
class Railtie
|
|
7
17
|
def self.insert
|
|
8
|
-
ActionController::Routing::
|
|
18
|
+
ActionController::Routing::RouteSet.instance_eval { include Panmind::SSLHelper::Routing }
|
|
9
19
|
ActionController::Base.instance_eval { include Panmind::SSLHelper::Filters }
|
|
10
20
|
ActiveSupport::TestCase.instance_eval { include Panmind::SSLHelper::TestHelpers } if Rails.env.test?
|
|
11
21
|
end
|
data/rails/init.rb
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
require 'panmind/ssl_helper
|
|
1
|
+
require 'panmind/ssl_helper'
|
|
2
2
|
Panmind::SSLHelper::Railtie.insert
|
metadata
CHANGED
|
@@ -1,45 +1,41 @@
|
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: panmind-sslhelper
|
|
3
|
-
version: !ruby/object:Gem::Version
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
- 0
|
|
7
|
-
- 8
|
|
8
|
-
- 2
|
|
9
|
-
version: 0.8.2
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.9.2
|
|
5
|
+
prerelease:
|
|
10
6
|
platform: ruby
|
|
11
|
-
authors:
|
|
7
|
+
authors:
|
|
12
8
|
- Marcello Barnaba
|
|
9
|
+
- Fabrizio Regini
|
|
13
10
|
autorequire:
|
|
14
11
|
bindir: bin
|
|
15
12
|
cert_chain: []
|
|
16
|
-
|
|
17
|
-
date: 2010-08-14 00:00:00 +02:00
|
|
13
|
+
date: 2012-02-12 00:00:00.000000000 +01:00
|
|
18
14
|
default_executable:
|
|
19
|
-
dependencies:
|
|
20
|
-
- !ruby/object:Gem::Dependency
|
|
15
|
+
dependencies:
|
|
16
|
+
- !ruby/object:Gem::Dependency
|
|
21
17
|
name: rails
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
requirements:
|
|
25
|
-
- -
|
|
26
|
-
- !ruby/object:Gem::Version
|
|
27
|
-
|
|
28
|
-
- 2
|
|
29
|
-
- 3
|
|
30
|
-
- 8
|
|
31
|
-
version: 2.3.8
|
|
18
|
+
requirement: &2160776120 !ruby/object:Gem::Requirement
|
|
19
|
+
none: false
|
|
20
|
+
requirements:
|
|
21
|
+
- - ~>
|
|
22
|
+
- !ruby/object:Gem::Version
|
|
23
|
+
version: '3.0'
|
|
32
24
|
type: :runtime
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
25
|
+
prerelease: false
|
|
26
|
+
version_requirements: *2160776120
|
|
27
|
+
description: SSLHelper provides controller helpers to require/refuse SSL onto specific
|
|
28
|
+
actions, test helpers to verify controller behaviours and named route counterparts
|
|
29
|
+
(e.g. ssl_login_url) to clean up your view and controller code. HTTP(S) ports are
|
|
30
|
+
configurable.
|
|
31
|
+
email:
|
|
32
|
+
- vjt@openssl.it
|
|
33
|
+
- freegenie@gmail.com
|
|
36
34
|
executables: []
|
|
37
|
-
|
|
38
35
|
extensions: []
|
|
39
|
-
|
|
40
|
-
extra_rdoc_files:
|
|
36
|
+
extra_rdoc_files:
|
|
41
37
|
- README.md
|
|
42
|
-
files:
|
|
38
|
+
files:
|
|
43
39
|
- README.md
|
|
44
40
|
- Rakefile
|
|
45
41
|
- lib/panmind/ssl_helper.rb
|
|
@@ -48,32 +44,26 @@ files:
|
|
|
48
44
|
has_rdoc: true
|
|
49
45
|
homepage: http://github.com/Panmind/ssl_helper
|
|
50
46
|
licenses: []
|
|
51
|
-
|
|
52
47
|
post_install_message:
|
|
53
|
-
rdoc_options:
|
|
54
|
-
|
|
55
|
-
require_paths:
|
|
48
|
+
rdoc_options: []
|
|
49
|
+
require_paths:
|
|
56
50
|
- lib
|
|
57
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
requirements:
|
|
66
|
-
- -
|
|
67
|
-
- !ruby/object:Gem::Version
|
|
68
|
-
|
|
69
|
-
- 0
|
|
70
|
-
version: "0"
|
|
51
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
52
|
+
none: false
|
|
53
|
+
requirements:
|
|
54
|
+
- - ! '>='
|
|
55
|
+
- !ruby/object:Gem::Version
|
|
56
|
+
version: '0'
|
|
57
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
58
|
+
none: false
|
|
59
|
+
requirements:
|
|
60
|
+
- - ! '>='
|
|
61
|
+
- !ruby/object:Gem::Version
|
|
62
|
+
version: '0'
|
|
71
63
|
requirements: []
|
|
72
|
-
|
|
73
64
|
rubyforge_project:
|
|
74
|
-
rubygems_version: 1.
|
|
65
|
+
rubygems_version: 1.6.2
|
|
75
66
|
signing_key:
|
|
76
67
|
specification_version: 3
|
|
77
68
|
summary: SSL requirement filters and SSL-aware named route helpers for Rails apps
|
|
78
69
|
test_files: []
|
|
79
|
-
|