rack-ssl-enforcer 0.1.3 → 0.1.4

data/README.rdoc

@@ -15,6 +15,16 @@ This will redirect all plain-text requests to SSL. Rack::SslEnforcer accepts two
 You might need the :redirect_to option if the requested URL can't be determined (e.g. if using a proxy).
 
   use Rack::SslEnforcer, :redirect_to => 'https://example.org', :message => 'R-R-R-Redirecting...'
+  
+You can also define specifics regex pattern or path to redirect.
+  
+  use Rack::SslEnforcer, :only => /^\/admin\//
+  use Rack::SslEnforcer, :only => "/login"
+  use Rack::SslEnforcer, :only => ["/login", /\.xml$/]
+  
+And force http for non-https path
+
+  use Rack::SslEnforcer, :only => ["/login", /\.xml$/], :strict => true
 
 == Note on Patches/Pull Requests
  
@@ -29,7 +39,8 @@ You might need the :redirect_to option if the requested URL can't be determined
 == Contributors
 
 * {Dan Mayer}[http://github.com/danmayer]
-* {Rémy Coutable}http://github.com/rymai]
+* {Rémy Coutable}[http://github.com/rymai]
+* {Thibaud Guillaume-Gentil}[http://github.com/thibaudgg]
 
 == Copyright
 

data/lib/rack-ssl-enforcer.rb

@@ -1,28 +1,48 @@
 module Rack
-  
   class SslEnforcer
     
     def initialize(app, options = {})
-      @app     = app
-      @options = options
+      @app, @options = app, options
     end
     
     def call(env)
-      if ssl_request?(env)
-        @app.call(env)
-      else
+      if enforce_ssl?(env) && !ssl_request?(env)
+        scheme = 'https'
+      elsif ssl_request?(env) && @options[:strict]
+        scheme = 'http'
+      end
+      
+      if scheme
         @options[:redirect_to] ||= Rack::Request.new(env).url
-        @options[:redirect_to].gsub!(/^http:/, 'https:')
-        @options[:message] ||= "You are beeing redirected to #{@options[:redirect_to]}."
+        @options[:redirect_to].gsub!(/^#{scheme == "https" ? 'http' : 'https'}:/, "#{scheme}:")
+        @options[:message] ||= "You are being redirected to #{@options[:redirect_to]}."
         [301, { 'Location' => @options[:redirect_to] }, @options[:message]]
+      else
+        @app.call(env)
       end
     end
     
-    private
-      
-      def ssl_request?(env)
-        (env['HTTP_X_FORWARDED_PROTO'] || env['rack.url_scheme']) == 'https'
+  private
+    
+    def ssl_request?(env)
+      (env['HTTP_X_FORWARDED_PROTO'] || env['rack.url_scheme']) == 'https'
+    end
+    
+    def enforce_ssl?(env)
+      path = env['PATH_INFO']
+      if @options[:only]
+        rules = [@options[:only]].flatten
+        rules.any? do |pattern|
+          if pattern.is_a?(Regexp)
+            path =~ pattern
+          else
+            path[0,pattern.length] == pattern
+          end
+        end
+      else
+        true
       end
-      
+    end
+    
   end
 end

data/lib/rack-ssl-enforcer/version.rb

@@ -0,0 +1,5 @@
+module Rack
+  class SslEnforcer
+    VERSION = "0.1.4"
+  end
+end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: rack-ssl-enforcer
 version: !ruby/object:Gem::Version 
-  hash: 29
+  hash: 19
   prerelease: false
   segments: 
   - 0
   - 1
-  - 3
-  version: 0.1.3
+  - 4
+  version: 0.1.4
 platform: ruby
 authors: 
 - Tobias Matthies
@@ -15,50 +15,64 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-08-12 00:00:00 +02:00
+date: 2010-08-30 00:00:00 +02:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
-  name: thoughtbot-shoulda
+  name: bundler
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        hash: 3
+        hash: 15424063
         segments: 
+        - 1
         - 0
-        version: "0"
+        - 0
+        - rc
+        - 5
+        version: 1.0.0.rc.5
   type: :development
   version_requirements: *id001
-description: 
-email: tm@mit2m.de
+- !ruby/object:Gem::Dependency 
+  name: shoulda
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 37
+        segments: 
+        - 2
+        - 11
+        - 3
+        version: 2.11.3
+  type: :development
+  version_requirements: *id002
+description: Write a gem description!
+email: 
+- tm@mit2m.de
 executables: []
 
 extensions: []
 
-extra_rdoc_files: 
-- LICENSE
-- README.rdoc
+extra_rdoc_files: []
+
 files: 
-- .document
-- .gitignore
+- lib/rack-ssl-enforcer/version.rb
+- lib/rack-ssl-enforcer.rb
 - LICENSE
 - README.rdoc
-- Rakefile
-- VERSION
-- lib/rack-ssl-enforcer.rb
-- rack-ssl-enforcer.gemspec
-- test/helper.rb
-- test/test_rack-ssl-enforcer.rb
 has_rdoc: true
 homepage: http://github.com/tobmatth/rack-ssl-enforcer
 licenses: []
 
 post_install_message: 
-rdoc_options: 
-- --charset=UTF-8
+rdoc_options: []
+
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
@@ -75,17 +89,18 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 3
+      hash: 23
       segments: 
-      - 0
-      version: "0"
+      - 1
+      - 3
+      - 6
+      version: 1.3.6
 requirements: []
 
-rubyforge_project: 
+rubyforge_project: rack-ssl-enforcer
 rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
 summary: A simple Rack middleware to enforce SSL
-test_files: 
-- test/helper.rb
-- test/test_rack-ssl-enforcer.rb
+test_files: []
+

data/.document

@@ -1,5 +0,0 @@
-README.rdoc
-lib/**/*.rb
-bin/*
-features/**/*.feature
-LICENSE

data/.gitignore

@@ -1,21 +0,0 @@
-## MAC OS
-.DS_Store
-
-## TEXTMATE
-*.tmproj
-tmtags
-
-## EMACS
-*~
-\#*
-.\#*
-
-## VIM
-*.swp
-
-## PROJECT::GENERAL
-coverage
-rdoc
-pkg
-
-## PROJECT::SPECIFIC

data/Rakefile

@@ -1,52 +0,0 @@
-require 'rubygems'
-require 'rake'
-
-begin
-  require 'jeweler'
-  Jeweler::Tasks.new do |gem|
-    gem.name = "rack-ssl-enforcer"
-    gem.summary = %Q{A simple Rack middleware to enforce SSL}
-    gem.email = "tm@mit2m.de"
-    gem.homepage = "http://github.com/tobmatth/rack-ssl-enforcer"
-    gem.authors = ["Tobias Matthies"]
-    gem.add_development_dependency "thoughtbot-shoulda", ">= 0"
-    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
-  end
-  Jeweler::GemcutterTasks.new
-rescue LoadError
-  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
-end
-
-require 'rake/testtask'
-Rake::TestTask.new(:test) do |test|
-  test.libs << 'lib' << 'test'
-  test.pattern = 'test/**/test_*.rb'
-  test.verbose = true
-end
-
-begin
-  require 'rcov/rcovtask'
-  Rcov::RcovTask.new do |test|
-    test.libs << 'test'
-    test.pattern = 'test/**/test_*.rb'
-    test.verbose = true
-  end
-rescue LoadError
-  task :rcov do
-    abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
-  end
-end
-
-task :test => :check_dependencies
-
-task :default => :test
-
-require 'rake/rdoctask'
-Rake::RDocTask.new do |rdoc|
-  version = File.exist?('VERSION') ? File.read('VERSION') : ""
-
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title = "rack-ssl-enforcer #{version}"
-  rdoc.rdoc_files.include('README*')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end

data/VERSION

@@ -1 +0,0 @@
-0.1.3

data/rack-ssl-enforcer.gemspec

@@ -1,53 +0,0 @@
-# Generated by jeweler
-# DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
-# -*- encoding: utf-8 -*-
-
-Gem::Specification.new do |s|
-  s.name = %q{rack-ssl-enforcer}
-  s.version = "0.1.3"
-
-  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.authors = ["Tobias Matthies"]
-  s.date = %q{2010-08-12}
-  s.email = %q{tm@mit2m.de}
-  s.extra_rdoc_files = [
-    "LICENSE",
-     "README.rdoc"
-  ]
-  s.files = [
-    ".document",
-     ".gitignore",
-     "LICENSE",
-     "README.rdoc",
-     "Rakefile",
-     "VERSION",
-     "lib/rack-ssl-enforcer.rb",
-     "rack-ssl-enforcer.gemspec",
-     "test/helper.rb",
-     "test/test_rack-ssl-enforcer.rb"
-  ]
-  s.homepage = %q{http://github.com/tobmatth/rack-ssl-enforcer}
-  s.rdoc_options = ["--charset=UTF-8"]
-  s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.7}
-  s.summary = %q{A simple Rack middleware to enforce SSL}
-  s.test_files = [
-    "test/helper.rb",
-     "test/test_rack-ssl-enforcer.rb"
-  ]
-
-  if s.respond_to? :specification_version then
-    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
-    s.specification_version = 3
-
-    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_development_dependency(%q<thoughtbot-shoulda>, [">= 0"])
-    else
-      s.add_dependency(%q<thoughtbot-shoulda>, [">= 0"])
-    end
-  else
-    s.add_dependency(%q<thoughtbot-shoulda>, [">= 0"])
-  end
-end
-

data/test/helper.rb

@@ -1,11 +0,0 @@
-require 'rubygems'
-require 'test/unit'
-require 'shoulda'
-require 'rack/mock'
-
-$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
-$LOAD_PATH.unshift(File.dirname(__FILE__))
-require 'rack-ssl-enforcer'
-
-class Test::Unit::TestCase
-end

data/test/test_rack-ssl-enforcer.rb

@@ -1,84 +0,0 @@
-require 'helper'
-
-class TestRackSslEnforcer < Test::Unit::TestCase
-
-  def dummy_app(env)
-    [ 200, {'Content-Type' => 'text/plain'}, 'Hello world!' ]
-  end
-
-  context 'Given an app' do
-    setup do
-      @app = method(:dummy_app)
-    end
-
-    context 'that has no :redirect_to set' do
-      setup do
-        @request  = Rack::MockRequest.new(Rack::SslEnforcer.new(@app))
-      end
-      
-      should 'respond with a ssl redirect to plain-text requests' do
-        response = @request.get('http://www.example.org/', {})
-        assert_equal 301, response.status
-        assert_equal response.location, 'https://www.example.org/'
-      end
-
-      #heroku / etc do proxied SSL
-      #http://github.com/pivotal/refraction/issues/issue/2
-      should 'respect X-Forwarded-Proto header for proxied SSL' do
-        response = @request.get('http://www.example.org/',
-                                {'HTTP_X_FORWARDED_PROTO' => 'http',
-                                  'rack.url_scheme' => 'http'})
-        assert_equal 301, response.status
-        assert_equal response.location, 'https://www.example.org/'
-      end
-      
-      should 'respond not redirect ssl requests' do
-        response = @request.get('https://www.example.org/', {})
-        assert_equal 200, response.status
-        assert_equal response.body, 'Hello world!'
-      end
-
-      should 'respond not redirect ssl requests and respect X-Forwarded-Proto header for proxied SSL' do
-         response = @request.get('http://www.example.org/',
-                                {'HTTP_X_FORWARDED_PROTO' => 'https',
-                                  'rack.url_scheme' => 'http'})
-        assert_equal 200, response.status
-        assert_equal response.body, 'Hello world!'
-      end
-
-    end
-    
-    context 'that has :redirect_to set' do
-      setup do
-        @request  = Rack::MockRequest.new(Rack::SslEnforcer.new(@app, :redirect_to => 'https://www.google.com/'))
-      end
-      
-      should 'respond with a ssl redirect to plain-text requests and redirect to :redirect_to' do
-        response = @request.get('http://www.example.org/', {})
-        assert_equal 301, response.status
-        assert_equal response.location, 'https://www.google.com/'
-      end
-      
-      should 'respond not redirect ssl requests' do
-        response = @request.get('https://www.example.org/', {})
-        assert_equal 200, response.status
-        assert_equal response.body, 'Hello world!'
-      end
-    end
-    
-    context 'that has :message set' do
-      setup do
-        @message = 'R-R-R-Redirect!'
-        @request  = Rack::MockRequest.new(Rack::SslEnforcer.new(@app, :message => @message))
-      end
-      
-      should 'output the given message when redirecting' do
-        response = @request.get('http://www.example.org/', {})
-        assert_equal 301, response.status
-        assert_equal response.body, @message
-      end
-    end
-    
-  end
-
-end