rack-wwwhisper 1.1.0 → 1.1.1

Sign up to get free protection for your applications and to get access to all the features.
@@ -58,9 +58,9 @@ class WWWhisper
58
58
  @@AUTH_COOKIES_PREFIX = 'wwwhisper'
59
59
  # Headers that are passed to wwwhisper ('Cookie' is handled
60
60
  # in a special way: only wwwhisper related cookies are passed).
61
- # In addition, the original Host header is passed as X-Forwarded-Host.
61
+ # In addition, the current site url is passed in the Site-Url header.
62
62
  @@FORWARDED_HEADERS = ['Accept', 'Accept-Language', 'Cookie', 'Origin',
63
- 'X-CSRFToken', 'X-Forwarded-Proto', 'X-Requested-With']
63
+ 'X-CSRFToken', 'X-Requested-With']
64
64
  @@DEFAULT_IFRAME = \
65
65
  %Q[<iframe id="wwwhisper-iframe" src="%s" width="340" height="29"
66
66
  frameborder="0" scrolling="no" style="position:fixed; overflow:hidden;
@@ -177,8 +177,8 @@ class WWWhisper
177
177
  def sub_request_init(rack_req, method, path)
178
178
  sub_req = Net::HTTP.const_get(method).new(path)
179
179
  copy_headers(rack_req.env, sub_req)
180
- sub_req['X-Forwarded-Host'] = rack_req.env['HTTP_HOST']
181
- sub_req['X-Forwarded-Proto'] ||= rack_req.scheme
180
+ scheme = rack_req.env['HTTP_X_FORWARDED_PROTO'] ||= rack_req.scheme
181
+ sub_req['Site-Url'] = "#{scheme}://#{rack_req.env['HTTP_HOST']}"
182
182
  if @wwwhisper_uri.user and @wwwhisper_uri.password
183
183
  sub_req.basic_auth(@wwwhisper_uri.user, @wwwhisper_uri.password)
184
184
  end
@@ -260,21 +260,17 @@ class TestWWWhisper < Test::Unit::TestCase
260
260
  assert_equal 'invalid request', last_response.body
261
261
  end
262
262
 
263
- def test_x_forwarded_headers
263
+ def test_site_url
264
264
  path = '/wwwhisper/admin/index.html'
265
265
 
266
266
  # X-Forwarded headers must be sent to wwwhisper backend.
267
267
  stub_request(:get, full_url(@wwwhisper.auth_query(path))).
268
268
  with(:headers => {
269
- 'X-Forwarded-Host' => SITE_HOST,
270
- 'X-Forwarded-Proto' => SITE_PROTO,
269
+ 'Site-url' => "#{SITE_PROTO}://#{SITE_HOST}"
271
270
  }).
272
271
  to_return(granted())
273
272
  stub_request(:get, full_url(path)).
274
- with(:headers => {
275
- 'X-Forwarded-Host' => SITE_HOST,
276
- 'X-Forwarded-Proto' => SITE_PROTO,
277
- }).
273
+ with(:headers => {'Site-url' => "#{SITE_PROTO}://#{SITE_HOST}"}).
278
274
  to_return(:status => 200, :body => 'Admin page', :headers => {})
279
275
 
280
276
  get path
@@ -290,7 +286,7 @@ class TestWWWhisper < Test::Unit::TestCase
290
286
  host = 'localhost:5000'
291
287
  stub_request(:get, full_url(@wwwhisper.auth_query(path))).
292
288
  # Test makes sure that port is not repeated in Site-Url.
293
- with(:headers => {'X-Forwarded-Host' => host}).
289
+ with(:headers => {'Site-Url' => "#{SITE_PROTO}://#{host}"}).
294
290
  to_return(:status => 401, :body => 'Login required', :headers => {})
295
291
 
296
292
  get(path, {}, {'HTTP_HOST' => host})
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-wwwhisper
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 1.1.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -131,7 +131,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
131
131
  version: '0'
132
132
  segments:
133
133
  - 0
134
- hash: 3463097767127012702
134
+ hash: -3079132124466735415
135
135
  required_rubygems_version: !ruby/object:Gem::Requirement
136
136
  none: false
137
137
  requirements:
@@ -140,7 +140,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
140
140
  version: '0'
141
141
  segments:
142
142
  - 0
143
- hash: 3463097767127012702
143
+ hash: -3079132124466735415
144
144
  requirements: []
145
145
  rubyforge_project:
146
146
  rubygems_version: 1.8.24