revo-ssl_requirement 1.0.0 → 1.1.0

data/VERSION

@@ -1 +1 @@
-1.0.0
+1.1.0

data/lib/ssl_requirement.rb

@@ -22,7 +22,7 @@ require "#{File.dirname(__FILE__)}/url_rewriter"
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 module SslRequirement
   mattr_accessor :ssl_host, :non_ssl_host
-  
+
   def self.included(controller)
     controller.extend(ClassMethods)
     controller.before_filter(:ensure_proper_protocol)
@@ -52,35 +52,67 @@ module SslRequirement
   end
 
   protected
-    # Returns true if the current action is supposed to run as SSL
-    def ssl_required?
-      required = (self.class.read_inheritable_attribute(:ssl_required_actions) || [])
-      except  = self.class.read_inheritable_attribute(:ssl_required_except_actions)
-
-      unless except
-        required.include?(action_name.to_sym)
-      else
-        !except.include?(action_name.to_sym)
-      end
-    end
+  # Returns true if the current action is supposed to run as SSL
+  def ssl_required?
+    required = (self.class.read_inheritable_attribute(:ssl_required_actions) || [])
+    except  = self.class.read_inheritable_attribute(:ssl_required_except_actions)
 
-    def ssl_allowed?
-      (self.class.read_inheritable_attribute(:ssl_allowed_actions) || []).include?(action_name.to_sym)
+    unless except
+      required.include?(action_name.to_sym)
+    else
+      !except.include?(action_name.to_sym)
     end
+  end
+
+  def ssl_allowed?
+    (self.class.read_inheritable_attribute(:ssl_allowed_actions) || []).include?(action_name.to_sym)
+  end
+
+  # normal ports are the ports used when no port is specified by the user to the browser
+  # i.e. 80 if the protocol is http, 443 is the protocol is https
+  NORMAL_PORTS = [80, 443]
 
   private
-    def ensure_proper_protocol
-      return true if SslRequirement.disable_ssl_check?
-      return true if ssl_allowed?
-
-      if ssl_required? && !request.ssl?
-        redirect_to "https://" + (ssl_host || request.host) + request.request_uri
-        flash.keep
-        return false
-      elsif request.ssl? && !ssl_required?
-        redirect_to "http://" + (non_ssl_host || request.host) + request.request_uri
-        flash.keep
-        return false
-      end
+  def ensure_proper_protocol
+    return true if SslRequirement.disable_ssl_check?
+    return true if ssl_allowed?
+
+    if ssl_required? && !request.ssl?
+      redirect_to determine_redirect_url(request, true)
+      flash.keep
+      return false
+    elsif request.ssl? && !ssl_required?
+      redirect_to determine_redirect_url(request, false)
+      flash.keep
+      return false
     end
-end
+  end
+
+  def determine_redirect_url(request, ssl)
+    protocol = ssl ? "https" : "http"
+    "#{protocol}://#{determine_host_and_port(request, ssl)}#{request.request_uri}"
+  end
+
+  def determine_host_and_port(request, ssl)
+    request_host = request.host
+    request_port = request.port
+
+    if ssl
+      "#{(ssl_host || request_host)}#{determine_port_string(request_port)}"
+    else
+      "#{(non_ssl_host || request_host)}#{determine_port_string(request_port)}"
+    end
+  end
+
+  def determine_port_string(port)
+    unless port_normal?(port)
+      ":#{port}"
+    else
+      ""
+    end
+  end
+
+  def port_normal?(port)
+    NORMAL_PORTS.include?(port)
+  end
+end

data/revo-ssl_requirement.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{revo-ssl_requirement}
-  s.version = "1.0.0"
+  s.version = "1.1.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["RailsJedi", "David Heinemeier Hansson", "jcnetdev", "bcurren", "bmpercy"]
@@ -33,7 +33,7 @@ Gem::Specification.new do |s|
   s.homepage = %q{http://github.com/revo/ssl_requirement}
   s.rdoc_options = ["--charset=UTF-8"]
   s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.5}
+  s.rubygems_version = %q{1.3.6}
   s.summary = %q{Allow controller actions to force SSL on specific parts of the site.}
   s.test_files = [
     "test/url_rewriter_test.rb",

data/test/ssl_requirement_test.rb

@@ -1,6 +1,6 @@
 require 'set'
 require 'rubygems'
-require 'activesupport'
+require 'active_support'
 begin
   require 'action_controller'
 rescue LoadError
@@ -124,6 +124,23 @@ class SslRequirementTest < ActionController::TestCase
     @non_ssl_host_override = 'www.example.com:8080'
   end
 
+  # port preservation tests
+
+  def test_redirect_to_https_preserves_non_normal_port
+    assert_not_equal "on", @request.env["HTTPS"]
+    @request.port = 4567
+    get :b
+    assert_response :redirect
+    assert_match %r{^https://.*:4567/}, @response.headers['Location']
+  end
+
+  def test_redirect_to_https_does_not_preserve_normal_port
+    assert_not_equal "on", @request.env["HTTPS"]
+    get :b
+    assert_response :redirect
+    assert_match %r{^https://.*[^:]/}, @response.headers['Location']
+  end
+
   # flash-related tests
   
   def test_redirect_to_https_preserves_flash

metadata

@@ -1,7 +1,12 @@
 --- !ruby/object:Gem::Specification 
 name: revo-ssl_requirement
 version: !ruby/object:Gem::Version 
-  version: 1.0.0
+  prerelease: false
+  segments: 
+    - 1
+    - 1
+    - 0
+  version: 1.1.0
 platform: ruby
 authors: 
   - RailsJedi
@@ -52,18 +57,20 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        segments: 
+          - 0
         version: "0"
-  version: 
 required_rubygems_version: !ruby/object:Gem::Requirement 
   requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        segments: 
+          - 0
         version: "0"
-  version: 
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.3.5
+rubygems_version: 1.3.6
 signing_key: 
 specification_version: 3
 summary: Allow controller actions to force SSL on specific parts of the site.