panmind-sslhelper 0.8.2 → 0.9.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +30 -7
- data/Rakefile +6 -6
- data/lib/panmind/ssl_helper.rb +53 -30
- data/lib/panmind/ssl_helper/railtie.rb +11 -1
- data/rails/init.rb +1 -1
- metadata +41 -51
data/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
SSLHelper: an SSL plugin for Rails
|
|
2
|
-
|
|
1
|
+
SSLHelper: an SSL plugin for Rails 3
|
|
2
|
+
====================================
|
|
3
3
|
|
|
4
4
|
Purpose
|
|
5
5
|
-------
|
|
@@ -17,7 +17,7 @@ Via RubyGems:
|
|
|
17
17
|
|
|
18
18
|
Or via Rails Plugin:
|
|
19
19
|
|
|
20
|
-
|
|
20
|
+
rails plugin install git://github.com/Panmind/ssl_helper.git
|
|
21
21
|
|
|
22
22
|
Usage
|
|
23
23
|
-----
|
|
@@ -66,7 +66,7 @@ tests (e.g. use them in your `setup` method).
|
|
|
66
66
|
Compatibility
|
|
67
67
|
-------------
|
|
68
68
|
|
|
69
|
-
Tested with Rails
|
|
69
|
+
Tested with Rails 3.0.3 running under Ruby 1.9.2p0
|
|
70
70
|
|
|
71
71
|
|
|
72
72
|
Server configuration
|
|
@@ -74,8 +74,11 @@ Server configuration
|
|
|
74
74
|
|
|
75
75
|
The plugin relies on the HTTPS server variable, that is set automatically by
|
|
76
76
|
Rails if the `X-Forwarded-Proto` header is set to `https`. To avoid clients
|
|
77
|
-
setting that header, take care to add
|
|
78
|
-
|
|
77
|
+
setting that header, take care to add the corresponding configuration for your web server.
|
|
78
|
+
|
|
79
|
+
Nginx
|
|
80
|
+
=====
|
|
81
|
+
Set `proxy_set_header` in your nginx config file, such as:
|
|
79
82
|
|
|
80
83
|
server {
|
|
81
84
|
listen 80;
|
|
@@ -97,4 +100,24 @@ config file, such as:
|
|
|
97
100
|
}
|
|
98
101
|
}
|
|
99
102
|
|
|
100
|
-
|
|
103
|
+
|
|
104
|
+
Apache
|
|
105
|
+
=====
|
|
106
|
+
Set RequestHeader in your apache sites, such as:
|
|
107
|
+
|
|
108
|
+
<VirtualHost *:80>
|
|
109
|
+
|
|
110
|
+
...
|
|
111
|
+
|
|
112
|
+
RequestHeader set X_FORWARDED_PROTO 'http'
|
|
113
|
+
</VirtualHost>
|
|
114
|
+
|
|
115
|
+
|
|
116
|
+
<IfModule mod_ssl.c>
|
|
117
|
+
<VirtualHost *:443>
|
|
118
|
+
|
|
119
|
+
...
|
|
120
|
+
|
|
121
|
+
RequestHeader set X_FORWARDED_PROTO 'https'
|
|
122
|
+
</VirtualHost>
|
|
123
|
+
</IfModule>
|
data/Rakefile
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
require 'rake'
|
|
2
|
-
require '
|
|
2
|
+
require 'rdoc/task'
|
|
3
3
|
|
|
4
|
-
require 'lib/panmind/ssl_helper'
|
|
4
|
+
require './lib/panmind/ssl_helper'
|
|
5
5
|
|
|
6
6
|
begin
|
|
7
7
|
require 'jeweler'
|
|
@@ -14,8 +14,8 @@ begin
|
|
|
14
14
|
'and named route counterparts (e.g. ssl_login_url) to clean up your '\
|
|
15
15
|
'view and controller code. HTTP(S) ports are configurable.'
|
|
16
16
|
|
|
17
|
-
gemspec.authors = ['Marcello Barnaba']
|
|
18
|
-
gemspec.email = 'vjt@openssl.it'
|
|
17
|
+
gemspec.authors = ['Marcello Barnaba', 'Fabrizio Regini']
|
|
18
|
+
gemspec.email = ['vjt@openssl.it', 'freegenie@gmail.com']
|
|
19
19
|
gemspec.homepage = 'http://github.com/Panmind/ssl_helper'
|
|
20
20
|
|
|
21
21
|
gemspec.files = %w( README.md Rakefile rails/init.rb ) + Dir['lib/**/*']
|
|
@@ -23,11 +23,11 @@ begin
|
|
|
23
23
|
gemspec.has_rdoc = true
|
|
24
24
|
|
|
25
25
|
gemspec.version = Panmind::SSLHelper::Version
|
|
26
|
-
gemspec.date = '
|
|
26
|
+
gemspec.date = '2012-02-12'
|
|
27
27
|
|
|
28
28
|
gemspec.require_path = 'lib'
|
|
29
29
|
|
|
30
|
-
gemspec.add_dependency
|
|
30
|
+
gemspec.add_dependency 'rails', '~> 3.0'
|
|
31
31
|
end
|
|
32
32
|
rescue LoadError
|
|
33
33
|
puts 'Jeweler not available. Install it with: gem install jeweler'
|
data/lib/panmind/ssl_helper.rb
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
|
+
require 'panmind/ssl_helper/railtie' if defined? Rails
|
|
2
|
+
|
|
1
3
|
module Panmind
|
|
2
4
|
module SSLHelper
|
|
3
|
-
Version = '0.
|
|
5
|
+
Version = '0.9.2'
|
|
4
6
|
|
|
5
7
|
WITH_SSL = {:protocol => 'https'}
|
|
6
8
|
WITHOUT_SSL = {:protocol => 'http' }
|
|
@@ -19,30 +21,39 @@ module Panmind
|
|
|
19
21
|
end
|
|
20
22
|
|
|
21
23
|
module Routing
|
|
22
|
-
def
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
24
|
+
def self.included(base)
|
|
25
|
+
base.instance_eval do
|
|
26
|
+
alias_method_chain :finalize!, :ssl
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
Classes = [
|
|
31
|
+
ActionController::Base,
|
|
32
|
+
ActionController::Integration::Session,
|
|
33
|
+
ActionController::TestCase,
|
|
34
|
+
|
|
35
|
+
ActionView::Base
|
|
36
|
+
] if defined? Rails
|
|
37
|
+
|
|
38
|
+
def finalize_with_ssl!
|
|
39
|
+
helpers = create_ssl_helpers
|
|
40
|
+
return unless helpers # Not ready yet.
|
|
41
|
+
|
|
42
|
+
return if Classes.first.included_modules.include? helpers
|
|
43
|
+
|
|
44
|
+
# Include the helper_module into each class to patch.
|
|
45
|
+
#
|
|
46
|
+
Classes.each {|k| k.instance_eval { include helpers } }
|
|
47
|
+
|
|
48
|
+
# Set the helpers as public in the AC::Integration::Session class
|
|
49
|
+
# for easy testing in the console.
|
|
50
|
+
#
|
|
51
|
+
ActionController::Integration::Session.module_eval do
|
|
52
|
+
public *helpers.instance_methods
|
|
45
53
|
end
|
|
54
|
+
|
|
55
|
+
ensure
|
|
56
|
+
finalize_without_ssl!
|
|
46
57
|
end
|
|
47
58
|
|
|
48
59
|
# Populates the @ssl_helpers module with ssl_ and plain_ helper
|
|
@@ -56,16 +67,16 @@ module Panmind
|
|
|
56
67
|
return @ssl_helpers if @ssl_helpers.frozen?
|
|
57
68
|
|
|
58
69
|
route_helpers =
|
|
59
|
-
if defined?
|
|
70
|
+
if defined? Rails.application.routes.named_routes.helpers
|
|
60
71
|
# This is a Private Rails API, so we check whether it's defined
|
|
61
72
|
# and reject all the hash_for_*() and the *_path() helpers.
|
|
62
73
|
#
|
|
63
|
-
|
|
64
|
-
reject { |h| h
|
|
74
|
+
Rails.application.routes.named_routes.helpers.
|
|
75
|
+
reject { |h| h =~ /^hash_for|path$/ }
|
|
65
76
|
else
|
|
66
77
|
# Warn the developer and fall back.
|
|
67
78
|
#
|
|
68
|
-
Rails.logger.warn "SSLHelper:
|
|
79
|
+
Rails.logger.warn "SSLHelper: Rails.application.routes.named_routes.helpers disappeared"
|
|
69
80
|
Rails.logger.warn "SSLHelper: falling back to filtering controller methods"
|
|
70
81
|
|
|
71
82
|
ac = ActionController::Base
|
|
@@ -135,11 +146,19 @@ module Panmind
|
|
|
135
146
|
|
|
136
147
|
protected
|
|
137
148
|
def ssl_required
|
|
138
|
-
|
|
149
|
+
unless request.ssl?
|
|
150
|
+
raise SSLHelper::SSLRequired unless request.get?
|
|
151
|
+
Rails.logger.info("SSL Helper: redirecting to SSL url")
|
|
152
|
+
redirect_to params.merge(WITH_SSL)
|
|
153
|
+
end
|
|
139
154
|
end
|
|
140
155
|
|
|
141
156
|
def ssl_refused
|
|
142
|
-
|
|
157
|
+
if request.ssl?
|
|
158
|
+
raise SSLHelper::SSLRefused unless request.get?
|
|
159
|
+
Rails.logger.info("SSL Helper: redirecting to non-SSL url")
|
|
160
|
+
redirect_to params.merge(WITHOUT_SSL)
|
|
161
|
+
end
|
|
143
162
|
end
|
|
144
163
|
end # Filters
|
|
145
164
|
|
|
@@ -175,5 +194,9 @@ module Panmind
|
|
|
175
194
|
@request.env.update('HTTPS' => https, 'SERVER_PORT' => port)
|
|
176
195
|
end
|
|
177
196
|
end # TestHelpers
|
|
197
|
+
|
|
198
|
+
class SSLRequired < StandardError ; end
|
|
199
|
+
class SSLRefused < StandardError ; end
|
|
200
|
+
|
|
178
201
|
end # SSLHelper
|
|
179
202
|
end # Panmind
|
|
@@ -3,9 +3,19 @@ require 'panmind/ssl_helper'
|
|
|
3
3
|
module Panmind
|
|
4
4
|
module SSLHelper
|
|
5
5
|
|
|
6
|
+
if defined? Rails::Railtie
|
|
7
|
+
class Railtie < Rails::Railtie
|
|
8
|
+
initializer 'panmind.ssl_helper.insert_into_action_controller' do
|
|
9
|
+
ActiveSupport.on_load :action_controller do
|
|
10
|
+
Panmind::SSLHelper::Railtie.insert
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
|
|
6
16
|
class Railtie
|
|
7
17
|
def self.insert
|
|
8
|
-
ActionController::Routing::
|
|
18
|
+
ActionController::Routing::RouteSet.instance_eval { include Panmind::SSLHelper::Routing }
|
|
9
19
|
ActionController::Base.instance_eval { include Panmind::SSLHelper::Filters }
|
|
10
20
|
ActiveSupport::TestCase.instance_eval { include Panmind::SSLHelper::TestHelpers } if Rails.env.test?
|
|
11
21
|
end
|
data/rails/init.rb
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
require 'panmind/ssl_helper
|
|
1
|
+
require 'panmind/ssl_helper'
|
|
2
2
|
Panmind::SSLHelper::Railtie.insert
|
metadata
CHANGED
|
@@ -1,45 +1,41 @@
|
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: panmind-sslhelper
|
|
3
|
-
version: !ruby/object:Gem::Version
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
- 0
|
|
7
|
-
- 8
|
|
8
|
-
- 2
|
|
9
|
-
version: 0.8.2
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.9.2
|
|
5
|
+
prerelease:
|
|
10
6
|
platform: ruby
|
|
11
|
-
authors:
|
|
7
|
+
authors:
|
|
12
8
|
- Marcello Barnaba
|
|
9
|
+
- Fabrizio Regini
|
|
13
10
|
autorequire:
|
|
14
11
|
bindir: bin
|
|
15
12
|
cert_chain: []
|
|
16
|
-
|
|
17
|
-
date: 2010-08-14 00:00:00 +02:00
|
|
13
|
+
date: 2012-02-12 00:00:00.000000000 +01:00
|
|
18
14
|
default_executable:
|
|
19
|
-
dependencies:
|
|
20
|
-
- !ruby/object:Gem::Dependency
|
|
15
|
+
dependencies:
|
|
16
|
+
- !ruby/object:Gem::Dependency
|
|
21
17
|
name: rails
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
requirements:
|
|
25
|
-
- -
|
|
26
|
-
- !ruby/object:Gem::Version
|
|
27
|
-
|
|
28
|
-
- 2
|
|
29
|
-
- 3
|
|
30
|
-
- 8
|
|
31
|
-
version: 2.3.8
|
|
18
|
+
requirement: &2160776120 !ruby/object:Gem::Requirement
|
|
19
|
+
none: false
|
|
20
|
+
requirements:
|
|
21
|
+
- - ~>
|
|
22
|
+
- !ruby/object:Gem::Version
|
|
23
|
+
version: '3.0'
|
|
32
24
|
type: :runtime
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
25
|
+
prerelease: false
|
|
26
|
+
version_requirements: *2160776120
|
|
27
|
+
description: SSLHelper provides controller helpers to require/refuse SSL onto specific
|
|
28
|
+
actions, test helpers to verify controller behaviours and named route counterparts
|
|
29
|
+
(e.g. ssl_login_url) to clean up your view and controller code. HTTP(S) ports are
|
|
30
|
+
configurable.
|
|
31
|
+
email:
|
|
32
|
+
- vjt@openssl.it
|
|
33
|
+
- freegenie@gmail.com
|
|
36
34
|
executables: []
|
|
37
|
-
|
|
38
35
|
extensions: []
|
|
39
|
-
|
|
40
|
-
extra_rdoc_files:
|
|
36
|
+
extra_rdoc_files:
|
|
41
37
|
- README.md
|
|
42
|
-
files:
|
|
38
|
+
files:
|
|
43
39
|
- README.md
|
|
44
40
|
- Rakefile
|
|
45
41
|
- lib/panmind/ssl_helper.rb
|
|
@@ -48,32 +44,26 @@ files:
|
|
|
48
44
|
has_rdoc: true
|
|
49
45
|
homepage: http://github.com/Panmind/ssl_helper
|
|
50
46
|
licenses: []
|
|
51
|
-
|
|
52
47
|
post_install_message:
|
|
53
|
-
rdoc_options:
|
|
54
|
-
|
|
55
|
-
require_paths:
|
|
48
|
+
rdoc_options: []
|
|
49
|
+
require_paths:
|
|
56
50
|
- lib
|
|
57
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
requirements:
|
|
66
|
-
- -
|
|
67
|
-
- !ruby/object:Gem::Version
|
|
68
|
-
|
|
69
|
-
- 0
|
|
70
|
-
version: "0"
|
|
51
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
52
|
+
none: false
|
|
53
|
+
requirements:
|
|
54
|
+
- - ! '>='
|
|
55
|
+
- !ruby/object:Gem::Version
|
|
56
|
+
version: '0'
|
|
57
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
58
|
+
none: false
|
|
59
|
+
requirements:
|
|
60
|
+
- - ! '>='
|
|
61
|
+
- !ruby/object:Gem::Version
|
|
62
|
+
version: '0'
|
|
71
63
|
requirements: []
|
|
72
|
-
|
|
73
64
|
rubyforge_project:
|
|
74
|
-
rubygems_version: 1.
|
|
65
|
+
rubygems_version: 1.6.2
|
|
75
66
|
signing_key:
|
|
76
67
|
specification_version: 3
|
|
77
68
|
summary: SSL requirement filters and SSL-aware named route helpers for Rails apps
|
|
78
69
|
test_files: []
|
|
79
|
-
|