rack-ssl-cure 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. data/Gemfile +4 -0
  2. data/README.md +24 -0
  3. data/lib/rack/ssl_cure.rb +13 -0
  4. data/rack-ssl-cure.gemspec +13 -0
  5. metadata +60 -0
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source :rubygems
2
+
3
+ gemspec
4
+
data/README.md ADDED
@@ -0,0 +1,24 @@
1
+ Rack::SSL sounded great, right? But now you have customers who are forced to use https and you may be
2
+ experiencing issues from slows pages to redirect loops. The problem is that Rack::SSL sets a header that
3
+ the browser stores for a year and causes the client to auto redirect to https independent of the app or
4
+ the webserver configuration.
5
+
6
+ Read more here:
7
+ http://tools.ietf.org/html/draft-hodges-strict-transport-sec-02#page-12
8
+
9
+ All you have to do is:
10
+
11
+ Remove your Rack::SSL gem from the Gemfile and any configuration file including your config.ru if needed.
12
+
13
+ Add the following to the Gemfile:
14
+
15
+ gem 'rack-ssl-cure', require: 'rack/ssl_cure'
16
+
17
+ Add the following to your config.ru:
18
+
19
+ run Rack::SSLCure
20
+
21
+ Check any other configs. Deploy and watch your site speed up, and your customers smile.
22
+
23
+ TODO:
24
+ Write the one test. :)
data/lib/rack/ssl_cure.rb ADDED
@@ -0,0 +1,13 @@
1
+ module Rack
2
+ class SSLCure
3
+ def initialize(app)
4
+ @app = app
5
+ end
6
+
7
+ def call(env)
8
+ status, headers, response = @app.call(env)
9
+ headers.merge!('Strict-Transport-Security' => 'max-age=0')
10
+ [status, headers, response]
11
+ end
12
+ end
13
+ end
data/rack-ssl-cure.gemspec ADDED
@@ -0,0 +1,13 @@
1
+ Gem::Specification.new do |s|
2
+ s.name = 'rack-ssl-cure'
3
+ s.author = 'Paul Hepworth'
4
+ s.email = 'paul<dot>hepworth<at>peppyheppy<dot>com'
5
+ s.version = '0.0.1'
6
+ s.homepage = 'https://github.com/peppyheppy/rack-ssl-cure'
7
+ s.date = '2012-05-11'
8
+ s.summary = "Cures the damange done by rack-ssl when it set the Strict-Transport-Security header to a year."
9
+ s.description = ""
10
+ s.files = s.files = `git ls-files`.split("\n")
11
+ s.add_development_dependency "rspec", "2.6.0"
12
+ end
13
+
metadata ADDED
@@ -0,0 +1,60 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rack-ssl-cure
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - Paul Hepworth
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2012-05-11 00:00:00.000000000Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: rspec
16
+ requirement: &70367026401160 !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - =
20
+ - !ruby/object:Gem::Version
21
+ version: 2.6.0
22
+ type: :development
23
+ prerelease: false
24
+ version_requirements: *70367026401160
25
+ description: ''
26
+ email: paul<dot>hepworth<at>peppyheppy<dot>com
27
+ executables: []
28
+ extensions: []
29
+ extra_rdoc_files: []
30
+ files:
31
+ - Gemfile
32
+ - README.md
33
+ - lib/rack/ssl_cure.rb
34
+ - rack-ssl-cure.gemspec
35
+ homepage: https://github.com/peppyheppy/rack-ssl-cure
36
+ licenses: []
37
+ post_install_message:
38
+ rdoc_options: []
39
+ require_paths:
40
+ - lib
41
+ required_ruby_version: !ruby/object:Gem::Requirement
42
+ none: false
43
+ requirements:
44
+ - - ! '>='
45
+ - !ruby/object:Gem::Version
46
+ version: '0'
47
+ required_rubygems_version: !ruby/object:Gem::Requirement
48
+ none: false
49
+ requirements:
50
+ - - ! '>='
51
+ - !ruby/object:Gem::Version
52
+ version: '0'
53
+ requirements: []
54
+ rubyforge_project:
55
+ rubygems_version: 1.8.15
56
+ signing_key:
57
+ specification_version: 3
58
+ summary: Cures the damange done by rack-ssl when it set the Strict-Transport-Security
59
+ header to a year.
60
+ test_files: []