revo-ssl_requirement 1.0.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/VERSION +1 -1
- data/lib/ssl_requirement.rb +60 -28
- data/revo-ssl_requirement.gemspec +2 -2
- data/test/ssl_requirement_test.rb +18 -1
- metadata +11 -4
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.1.0
|
data/lib/ssl_requirement.rb
CHANGED
|
@@ -22,7 +22,7 @@ require "#{File.dirname(__FILE__)}/url_rewriter"
|
|
|
22
22
|
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
23
23
|
module SslRequirement
|
|
24
24
|
mattr_accessor :ssl_host, :non_ssl_host
|
|
25
|
-
|
|
25
|
+
|
|
26
26
|
def self.included(controller)
|
|
27
27
|
controller.extend(ClassMethods)
|
|
28
28
|
controller.before_filter(:ensure_proper_protocol)
|
|
@@ -52,35 +52,67 @@ module SslRequirement
|
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
protected
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
unless except
|
|
61
|
-
required.include?(action_name.to_sym)
|
|
62
|
-
else
|
|
63
|
-
!except.include?(action_name.to_sym)
|
|
64
|
-
end
|
|
65
|
-
end
|
|
55
|
+
# Returns true if the current action is supposed to run as SSL
|
|
56
|
+
def ssl_required?
|
|
57
|
+
required = (self.class.read_inheritable_attribute(:ssl_required_actions) || [])
|
|
58
|
+
except = self.class.read_inheritable_attribute(:ssl_required_except_actions)
|
|
66
59
|
|
|
67
|
-
|
|
68
|
-
|
|
60
|
+
unless except
|
|
61
|
+
required.include?(action_name.to_sym)
|
|
62
|
+
else
|
|
63
|
+
!except.include?(action_name.to_sym)
|
|
69
64
|
end
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def ssl_allowed?
|
|
68
|
+
(self.class.read_inheritable_attribute(:ssl_allowed_actions) || []).include?(action_name.to_sym)
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
# normal ports are the ports used when no port is specified by the user to the browser
|
|
72
|
+
# i.e. 80 if the protocol is http, 443 is the protocol is https
|
|
73
|
+
NORMAL_PORTS = [80, 443]
|
|
70
74
|
|
|
71
75
|
private
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
end
|
|
76
|
+
def ensure_proper_protocol
|
|
77
|
+
return true if SslRequirement.disable_ssl_check?
|
|
78
|
+
return true if ssl_allowed?
|
|
79
|
+
|
|
80
|
+
if ssl_required? && !request.ssl?
|
|
81
|
+
redirect_to determine_redirect_url(request, true)
|
|
82
|
+
flash.keep
|
|
83
|
+
return false
|
|
84
|
+
elsif request.ssl? && !ssl_required?
|
|
85
|
+
redirect_to determine_redirect_url(request, false)
|
|
86
|
+
flash.keep
|
|
87
|
+
return false
|
|
85
88
|
end
|
|
86
|
-
end
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
def determine_redirect_url(request, ssl)
|
|
92
|
+
protocol = ssl ? "https" : "http"
|
|
93
|
+
"#{protocol}://#{determine_host_and_port(request, ssl)}#{request.request_uri}"
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
def determine_host_and_port(request, ssl)
|
|
97
|
+
request_host = request.host
|
|
98
|
+
request_port = request.port
|
|
99
|
+
|
|
100
|
+
if ssl
|
|
101
|
+
"#{(ssl_host || request_host)}#{determine_port_string(request_port)}"
|
|
102
|
+
else
|
|
103
|
+
"#{(non_ssl_host || request_host)}#{determine_port_string(request_port)}"
|
|
104
|
+
end
|
|
105
|
+
end
|
|
106
|
+
|
|
107
|
+
def determine_port_string(port)
|
|
108
|
+
unless port_normal?(port)
|
|
109
|
+
":#{port}"
|
|
110
|
+
else
|
|
111
|
+
""
|
|
112
|
+
end
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
def port_normal?(port)
|
|
116
|
+
NORMAL_PORTS.include?(port)
|
|
117
|
+
end
|
|
118
|
+
end
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{revo-ssl_requirement}
|
|
8
|
-
s.version = "1.
|
|
8
|
+
s.version = "1.1.0"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["RailsJedi", "David Heinemeier Hansson", "jcnetdev", "bcurren", "bmpercy"]
|
|
@@ -33,7 +33,7 @@ Gem::Specification.new do |s|
|
|
|
33
33
|
s.homepage = %q{http://github.com/revo/ssl_requirement}
|
|
34
34
|
s.rdoc_options = ["--charset=UTF-8"]
|
|
35
35
|
s.require_paths = ["lib"]
|
|
36
|
-
s.rubygems_version = %q{1.3.
|
|
36
|
+
s.rubygems_version = %q{1.3.6}
|
|
37
37
|
s.summary = %q{Allow controller actions to force SSL on specific parts of the site.}
|
|
38
38
|
s.test_files = [
|
|
39
39
|
"test/url_rewriter_test.rb",
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
require 'set'
|
|
2
2
|
require 'rubygems'
|
|
3
|
-
require '
|
|
3
|
+
require 'active_support'
|
|
4
4
|
begin
|
|
5
5
|
require 'action_controller'
|
|
6
6
|
rescue LoadError
|
|
@@ -124,6 +124,23 @@ class SslRequirementTest < ActionController::TestCase
|
|
|
124
124
|
@non_ssl_host_override = 'www.example.com:8080'
|
|
125
125
|
end
|
|
126
126
|
|
|
127
|
+
# port preservation tests
|
|
128
|
+
|
|
129
|
+
def test_redirect_to_https_preserves_non_normal_port
|
|
130
|
+
assert_not_equal "on", @request.env["HTTPS"]
|
|
131
|
+
@request.port = 4567
|
|
132
|
+
get :b
|
|
133
|
+
assert_response :redirect
|
|
134
|
+
assert_match %r{^https://.*:4567/}, @response.headers['Location']
|
|
135
|
+
end
|
|
136
|
+
|
|
137
|
+
def test_redirect_to_https_does_not_preserve_normal_port
|
|
138
|
+
assert_not_equal "on", @request.env["HTTPS"]
|
|
139
|
+
get :b
|
|
140
|
+
assert_response :redirect
|
|
141
|
+
assert_match %r{^https://.*[^:]/}, @response.headers['Location']
|
|
142
|
+
end
|
|
143
|
+
|
|
127
144
|
# flash-related tests
|
|
128
145
|
|
|
129
146
|
def test_redirect_to_https_preserves_flash
|
metadata
CHANGED
|
@@ -1,7 +1,12 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: revo-ssl_requirement
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
|
|
4
|
+
prerelease: false
|
|
5
|
+
segments:
|
|
6
|
+
- 1
|
|
7
|
+
- 1
|
|
8
|
+
- 0
|
|
9
|
+
version: 1.1.0
|
|
5
10
|
platform: ruby
|
|
6
11
|
authors:
|
|
7
12
|
- RailsJedi
|
|
@@ -52,18 +57,20 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
52
57
|
requirements:
|
|
53
58
|
- - ">="
|
|
54
59
|
- !ruby/object:Gem::Version
|
|
60
|
+
segments:
|
|
61
|
+
- 0
|
|
55
62
|
version: "0"
|
|
56
|
-
version:
|
|
57
63
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
58
64
|
requirements:
|
|
59
65
|
- - ">="
|
|
60
66
|
- !ruby/object:Gem::Version
|
|
67
|
+
segments:
|
|
68
|
+
- 0
|
|
61
69
|
version: "0"
|
|
62
|
-
version:
|
|
63
70
|
requirements: []
|
|
64
71
|
|
|
65
72
|
rubyforge_project:
|
|
66
|
-
rubygems_version: 1.3.
|
|
73
|
+
rubygems_version: 1.3.6
|
|
67
74
|
signing_key:
|
|
68
75
|
specification_version: 3
|
|
69
76
|
summary: Allow controller actions to force SSL on specific parts of the site.
|