rack-ssl-enforcer 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. data/README.rdoc +12 -1
  2. data/lib/rack-ssl-enforcer.rb +33 -13
  3. data/lib/rack-ssl-enforcer/version.rb +5 -0
  4. metadata +44 -29
  5. data/.document +0 -5
  6. data/.gitignore +0 -21
  7. data/Rakefile +0 -52
  8. data/VERSION +0 -1
  9. data/rack-ssl-enforcer.gemspec +0 -53
  10. data/test/helper.rb +0 -11
  11. data/test/test_rack-ssl-enforcer.rb +0 -84
data/README.rdoc CHANGED
@@ -15,6 +15,16 @@ This will redirect all plain-text requests to SSL. Rack::SslEnforcer accepts two
15
15
  You might need the :redirect_to option if the requested URL can't be determined (e.g. if using a proxy).
16
16
 
17
17
  use Rack::SslEnforcer, :redirect_to => 'https://example.org', :message => 'R-R-R-Redirecting...'
18
+
19
+ You can also define specifics regex pattern or path to redirect.
20
+
21
+ use Rack::SslEnforcer, :only => /^\/admin\//
22
+ use Rack::SslEnforcer, :only => "/login"
23
+ use Rack::SslEnforcer, :only => ["/login", /\.xml$/]
24
+
25
+ And force http for non-https path
26
+
27
+ use Rack::SslEnforcer, :only => ["/login", /\.xml$/], :strict => true
18
28
 
19
29
  == Note on Patches/Pull Requests
20
30
 
@@ -29,7 +39,8 @@ You might need the :redirect_to option if the requested URL can't be determined
29
39
  == Contributors
30
40
 
31
41
  * {Dan Mayer}[http://github.com/danmayer]
32
- * {Rémy Coutable}http://github.com/rymai]
42
+ * {Rémy Coutable}[http://github.com/rymai]
43
+ * {Thibaud Guillaume-Gentil}[http://github.com/thibaudgg]
33
44
 
34
45
  == Copyright
35
46
 
data/lib/rack-ssl-enforcer.rb CHANGED
@@ -1,28 +1,48 @@
1
1
  module Rack
2
-
3
2
  class SslEnforcer
4
3
 
5
4
  def initialize(app, options = {})
6
- @app = app
7
- @options = options
5
+ @app, @options = app, options
8
6
  end
9
7
 
10
8
  def call(env)
11
- if ssl_request?(env)
12
- @app.call(env)
13
- else
9
+ if enforce_ssl?(env) && !ssl_request?(env)
10
+ scheme = 'https'
11
+ elsif ssl_request?(env) && @options[:strict]
12
+ scheme = 'http'
13
+ end
14
+
15
+ if scheme
14
16
  @options[:redirect_to] ||= Rack::Request.new(env).url
15
- @options[:redirect_to].gsub!(/^http:/, 'https:')
16
- @options[:message] ||= "You are beeing redirected to #{@options[:redirect_to]}."
17
+ @options[:redirect_to].gsub!(/^#{scheme == "https" ? 'http' : 'https'}:/, "#{scheme}:")
18
+ @options[:message] ||= "You are being redirected to #{@options[:redirect_to]}."
17
19
  [301, { 'Location' => @options[:redirect_to] }, @options[:message]]
20
+ else
21
+ @app.call(env)
18
22
  end
19
23
  end
20
24
 
21
- private
22
-
23
- def ssl_request?(env)
24
- (env['HTTP_X_FORWARDED_PROTO'] || env['rack.url_scheme']) == 'https'
25
+ private
26
+
27
+ def ssl_request?(env)
28
+ (env['HTTP_X_FORWARDED_PROTO'] || env['rack.url_scheme']) == 'https'
29
+ end
30
+
31
+ def enforce_ssl?(env)
32
+ path = env['PATH_INFO']
33
+ if @options[:only]
34
+ rules = [@options[:only]].flatten
35
+ rules.any? do |pattern|
36
+ if pattern.is_a?(Regexp)
37
+ path =~ pattern
38
+ else
39
+ path[0,pattern.length] == pattern
40
+ end
41
+ end
42
+ else
43
+ true
25
44
  end
26
-
45
+ end
46
+
27
47
  end
28
48
  end
data/lib/rack-ssl-enforcer/version.rb ADDED
@@ -0,0 +1,5 @@
1
+ module Rack
2
+ class SslEnforcer
3
+ VERSION = "0.1.4"
4
+ end
5
+ end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-ssl-enforcer
3
3
  version: !ruby/object:Gem::Version
4
- hash: 29
4
+ hash: 19
5
5
  prerelease: false
6
6
  segments:
7
7
  - 0
8
8
  - 1
9
- - 3
10
- version: 0.1.3
9
+ - 4
10
+ version: 0.1.4
11
11
  platform: ruby
12
12
  authors:
13
13
  - Tobias Matthies
@@ -15,50 +15,64 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2010-08-12 00:00:00 +02:00
18
+ date: 2010-08-30 00:00:00 +02:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency
22
- name: thoughtbot-shoulda
22
+ name: bundler
23
23
  prerelease: false
24
24
  requirement: &id001 !ruby/object:Gem::Requirement
25
25
  none: false
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- hash: 3
29
+ hash: 15424063
30
30
  segments:
31
+ - 1
31
32
  - 0
32
- version: "0"
33
+ - 0
34
+ - rc
35
+ - 5
36
+ version: 1.0.0.rc.5
33
37
  type: :development
34
38
  version_requirements: *id001
35
- description:
36
- email: tm@mit2m.de
39
+ - !ruby/object:Gem::Dependency
40
+ name: shoulda
41
+ prerelease: false
42
+ requirement: &id002 !ruby/object:Gem::Requirement
43
+ none: false
44
+ requirements:
45
+ - - ~>
46
+ - !ruby/object:Gem::Version
47
+ hash: 37
48
+ segments:
49
+ - 2
50
+ - 11
51
+ - 3
52
+ version: 2.11.3
53
+ type: :development
54
+ version_requirements: *id002
55
+ description: Write a gem description!
56
+ email:
57
+ - tm@mit2m.de
37
58
  executables: []
38
59
 
39
60
  extensions: []
40
61
 
41
- extra_rdoc_files:
42
- - LICENSE
43
- - README.rdoc
62
+ extra_rdoc_files: []
63
+
44
64
  files:
45
- - .document
46
- - .gitignore
65
+ - lib/rack-ssl-enforcer/version.rb
66
+ - lib/rack-ssl-enforcer.rb
47
67
  - LICENSE
48
68
  - README.rdoc
49
- - Rakefile
50
- - VERSION
51
- - lib/rack-ssl-enforcer.rb
52
- - rack-ssl-enforcer.gemspec
53
- - test/helper.rb
54
- - test/test_rack-ssl-enforcer.rb
55
69
  has_rdoc: true
56
70
  homepage: http://github.com/tobmatth/rack-ssl-enforcer
57
71
  licenses: []
58
72
 
59
73
  post_install_message:
60
- rdoc_options:
61
- - --charset=UTF-8
74
+ rdoc_options: []
75
+
62
76
  require_paths:
63
77
  - lib
64
78
  required_ruby_version: !ruby/object:Gem::Requirement
@@ -75,17 +89,18 @@ required_rubygems_version: !ruby/object:Gem::Requirement
75
89
  requirements:
76
90
  - - ">="
77
91
  - !ruby/object:Gem::Version
78
- hash: 3
92
+ hash: 23
79
93
  segments:
80
- - 0
81
- version: "0"
94
+ - 1
95
+ - 3
96
+ - 6
97
+ version: 1.3.6
82
98
  requirements: []
83
99
 
84
- rubyforge_project:
100
+ rubyforge_project: rack-ssl-enforcer
85
101
  rubygems_version: 1.3.7
86
102
  signing_key:
87
103
  specification_version: 3
88
104
  summary: A simple Rack middleware to enforce SSL
89
- test_files:
90
- - test/helper.rb
91
- - test/test_rack-ssl-enforcer.rb
105
+ test_files: []
106
+
data/.document DELETED
@@ -1,5 +0,0 @@
1
- README.rdoc
2
- lib/**/*.rb
3
- bin/*
4
- features/**/*.feature
5
- LICENSE
data/.gitignore DELETED
@@ -1,21 +0,0 @@
1
- ## MAC OS
2
- .DS_Store
3
-
4
- ## TEXTMATE
5
- *.tmproj
6
- tmtags
7
-
8
- ## EMACS
9
- *~
10
- \#*
11
- .\#*
12
-
13
- ## VIM
14
- *.swp
15
-
16
- ## PROJECT::GENERAL
17
- coverage
18
- rdoc
19
- pkg
20
-
21
- ## PROJECT::SPECIFIC
data/Rakefile DELETED
@@ -1,52 +0,0 @@
1
- require 'rubygems'
2
- require 'rake'
3
-
4
- begin
5
- require 'jeweler'
6
- Jeweler::Tasks.new do |gem|
7
- gem.name = "rack-ssl-enforcer"
8
- gem.summary = %Q{A simple Rack middleware to enforce SSL}
9
- gem.email = "tm@mit2m.de"
10
- gem.homepage = "http://github.com/tobmatth/rack-ssl-enforcer"
11
- gem.authors = ["Tobias Matthies"]
12
- gem.add_development_dependency "thoughtbot-shoulda", ">= 0"
13
- # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
14
- end
15
- Jeweler::GemcutterTasks.new
16
- rescue LoadError
17
- puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
18
- end
19
-
20
- require 'rake/testtask'
21
- Rake::TestTask.new(:test) do |test|
22
- test.libs << 'lib' << 'test'
23
- test.pattern = 'test/**/test_*.rb'
24
- test.verbose = true
25
- end
26
-
27
- begin
28
- require 'rcov/rcovtask'
29
- Rcov::RcovTask.new do |test|
30
- test.libs << 'test'
31
- test.pattern = 'test/**/test_*.rb'
32
- test.verbose = true
33
- end
34
- rescue LoadError
35
- task :rcov do
36
- abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
37
- end
38
- end
39
-
40
- task :test => :check_dependencies
41
-
42
- task :default => :test
43
-
44
- require 'rake/rdoctask'
45
- Rake::RDocTask.new do |rdoc|
46
- version = File.exist?('VERSION') ? File.read('VERSION') : ""
47
-
48
- rdoc.rdoc_dir = 'rdoc'
49
- rdoc.title = "rack-ssl-enforcer #{version}"
50
- rdoc.rdoc_files.include('README*')
51
- rdoc.rdoc_files.include('lib/**/*.rb')
52
- end
data/VERSION DELETED
@@ -1 +0,0 @@
1
- 0.1.3
data/rack-ssl-enforcer.gemspec DELETED
@@ -1,53 +0,0 @@
1
- # Generated by jeweler
2
- # DO NOT EDIT THIS FILE DIRECTLY
3
- # Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
4
- # -*- encoding: utf-8 -*-
5
-
6
- Gem::Specification.new do |s|
7
- s.name = %q{rack-ssl-enforcer}
8
- s.version = "0.1.3"
9
-
10
- s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
- s.authors = ["Tobias Matthies"]
12
- s.date = %q{2010-08-12}
13
- s.email = %q{tm@mit2m.de}
14
- s.extra_rdoc_files = [
15
- "LICENSE",
16
- "README.rdoc"
17
- ]
18
- s.files = [
19
- ".document",
20
- ".gitignore",
21
- "LICENSE",
22
- "README.rdoc",
23
- "Rakefile",
24
- "VERSION",
25
- "lib/rack-ssl-enforcer.rb",
26
- "rack-ssl-enforcer.gemspec",
27
- "test/helper.rb",
28
- "test/test_rack-ssl-enforcer.rb"
29
- ]
30
- s.homepage = %q{http://github.com/tobmatth/rack-ssl-enforcer}
31
- s.rdoc_options = ["--charset=UTF-8"]
32
- s.require_paths = ["lib"]
33
- s.rubygems_version = %q{1.3.7}
34
- s.summary = %q{A simple Rack middleware to enforce SSL}
35
- s.test_files = [
36
- "test/helper.rb",
37
- "test/test_rack-ssl-enforcer.rb"
38
- ]
39
-
40
- if s.respond_to? :specification_version then
41
- current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
42
- s.specification_version = 3
43
-
44
- if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
45
- s.add_development_dependency(%q<thoughtbot-shoulda>, [">= 0"])
46
- else
47
- s.add_dependency(%q<thoughtbot-shoulda>, [">= 0"])
48
- end
49
- else
50
- s.add_dependency(%q<thoughtbot-shoulda>, [">= 0"])
51
- end
52
- end
53
-
data/test/helper.rb DELETED
@@ -1,11 +0,0 @@
1
- require 'rubygems'
2
- require 'test/unit'
3
- require 'shoulda'
4
- require 'rack/mock'
5
-
6
- $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
7
- $LOAD_PATH.unshift(File.dirname(__FILE__))
8
- require 'rack-ssl-enforcer'
9
-
10
- class Test::Unit::TestCase
11
- end
data/test/test_rack-ssl-enforcer.rb DELETED
@@ -1,84 +0,0 @@
1
- require 'helper'
2
-
3
- class TestRackSslEnforcer < Test::Unit::TestCase
4
-
5
- def dummy_app(env)
6
- [ 200, {'Content-Type' => 'text/plain'}, 'Hello world!' ]
7
- end
8
-
9
- context 'Given an app' do
10
- setup do
11
- @app = method(:dummy_app)
12
- end
13
-
14
- context 'that has no :redirect_to set' do
15
- setup do
16
- @request = Rack::MockRequest.new(Rack::SslEnforcer.new(@app))
17
- end
18
-
19
- should 'respond with a ssl redirect to plain-text requests' do
20
- response = @request.get('http://www.example.org/', {})
21
- assert_equal 301, response.status
22
- assert_equal response.location, 'https://www.example.org/'
23
- end
24
-
25
- #heroku / etc do proxied SSL
26
- #http://github.com/pivotal/refraction/issues/issue/2
27
- should 'respect X-Forwarded-Proto header for proxied SSL' do
28
- response = @request.get('http://www.example.org/',
29
- {'HTTP_X_FORWARDED_PROTO' => 'http',
30
- 'rack.url_scheme' => 'http'})
31
- assert_equal 301, response.status
32
- assert_equal response.location, 'https://www.example.org/'
33
- end
34
-
35
- should 'respond not redirect ssl requests' do
36
- response = @request.get('https://www.example.org/', {})
37
- assert_equal 200, response.status
38
- assert_equal response.body, 'Hello world!'
39
- end
40
-
41
- should 'respond not redirect ssl requests and respect X-Forwarded-Proto header for proxied SSL' do
42
- response = @request.get('http://www.example.org/',
43
- {'HTTP_X_FORWARDED_PROTO' => 'https',
44
- 'rack.url_scheme' => 'http'})
45
- assert_equal 200, response.status
46
- assert_equal response.body, 'Hello world!'
47
- end
48
-
49
- end
50
-
51
- context 'that has :redirect_to set' do
52
- setup do
53
- @request = Rack::MockRequest.new(Rack::SslEnforcer.new(@app, :redirect_to => 'https://www.google.com/'))
54
- end
55
-
56
- should 'respond with a ssl redirect to plain-text requests and redirect to :redirect_to' do
57
- response = @request.get('http://www.example.org/', {})
58
- assert_equal 301, response.status
59
- assert_equal response.location, 'https://www.google.com/'
60
- end
61
-
62
- should 'respond not redirect ssl requests' do
63
- response = @request.get('https://www.example.org/', {})
64
- assert_equal 200, response.status
65
- assert_equal response.body, 'Hello world!'
66
- end
67
- end
68
-
69
- context 'that has :message set' do
70
- setup do
71
- @message = 'R-R-R-Redirect!'
72
- @request = Rack::MockRequest.new(Rack::SslEnforcer.new(@app, :message => @message))
73
- end
74
-
75
- should 'output the given message when redirecting' do
76
- response = @request.get('http://www.example.org/', {})
77
- assert_equal 301, response.status
78
- assert_equal response.body, @message
79
- end
80
- end
81
-
82
- end
83
-
84
- end