ssl_routes 0.1.5 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/ssl_routes/{rails3.rb → rails.rb} +5 -4
- data/lib/ssl_routes/version.rb +3 -3
- data/lib/ssl_routes.rb +3 -4
- data/test/test_helper.rb +1 -3
- metadata +11 -10
- data/lib/ssl_routes/rails2.rb +0 -71
@@ -11,7 +11,7 @@ module SslRoutes
|
|
11
11
|
def enforce_protocols(&block)
|
12
12
|
cattr_accessor :parameter, :secure_session, :enable_ssl
|
13
13
|
self.parameter = :protocol
|
14
|
-
self.secure_session =
|
14
|
+
self.secure_session = true
|
15
15
|
self.enable_ssl = false
|
16
16
|
yield self if block_given?
|
17
17
|
before_filter :ensure_protocol if self.enable_ssl
|
@@ -21,10 +21,11 @@ module SslRoutes
|
|
21
21
|
|
22
22
|
def determine_protocols(options)
|
23
23
|
current = self.request.ssl? ? 'https' : 'http'
|
24
|
-
target
|
24
|
+
target = case options[self.parameter]
|
25
25
|
when String then options[self.parameter]
|
26
26
|
when TrueClass then 'https'
|
27
|
-
|
27
|
+
when FalseClass then 'http'
|
28
|
+
else 'http' # maybe this should be current
|
28
29
|
end
|
29
30
|
target = current if [:all, :both].include? options[self.parameter]
|
30
31
|
target = 'https' if self.secure_session && current_user
|
@@ -40,7 +41,7 @@ module SslRoutes
|
|
40
41
|
current, target = determine_protocols(options)
|
41
42
|
if current != target && !request.xhr? && request.get?
|
42
43
|
flash.keep
|
43
|
-
redirect_to
|
44
|
+
redirect_to "#{target}://#{request.host_with_port + request.fullpath}"
|
44
45
|
return false
|
45
46
|
end
|
46
47
|
end
|
data/lib/ssl_routes/version.rb
CHANGED
data/lib/ssl_routes.rb
CHANGED
data/test/test_helper.rb
CHANGED
@@ -1,5 +1,4 @@
|
|
1
|
-
|
2
|
-
$: << File.join(File.dirname(__FILE__))
|
1
|
+
$LOAD_PATH << File.dirname(__FILE__)
|
3
2
|
|
4
3
|
require 'rubygems'
|
5
4
|
require 'test/unit'
|
@@ -11,4 +10,3 @@ require 'test/unit'
|
|
11
10
|
# require 'action_view'
|
12
11
|
# require 'active_record'
|
13
12
|
# require 'ruby-debug'
|
14
|
-
require 'spamtrap'
|
metadata
CHANGED
@@ -1,21 +1,23 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ssl_routes
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 23
|
5
5
|
prerelease:
|
6
6
|
segments:
|
7
7
|
- 0
|
8
|
-
-
|
9
|
-
-
|
10
|
-
version: 0.
|
8
|
+
- 2
|
9
|
+
- 0
|
10
|
+
version: 0.2.0
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Cedric Howe
|
14
|
+
- Lance Ivy
|
15
|
+
- Tieg Zaharia
|
14
16
|
autorequire:
|
15
17
|
bindir: bin
|
16
18
|
cert_chain: []
|
17
19
|
|
18
|
-
date:
|
20
|
+
date: 2013-02-28 00:00:00 Z
|
19
21
|
dependencies:
|
20
22
|
- !ruby/object:Gem::Dependency
|
21
23
|
name: rails
|
@@ -25,11 +27,11 @@ dependencies:
|
|
25
27
|
requirements:
|
26
28
|
- - ">="
|
27
29
|
- !ruby/object:Gem::Version
|
28
|
-
hash:
|
30
|
+
hash: 7
|
29
31
|
segments:
|
30
|
-
- 2
|
31
32
|
- 3
|
32
|
-
|
33
|
+
- 0
|
34
|
+
version: "3.0"
|
33
35
|
type: :runtime
|
34
36
|
version_requirements: *id001
|
35
37
|
description: Define your SSL settings in one place to enforce in your controller, generate URLs with the correct protocol, and protect yourself against session hijacking.
|
@@ -42,8 +44,7 @@ extra_rdoc_files: []
|
|
42
44
|
|
43
45
|
files:
|
44
46
|
- lib/ssl_routes/paperclip.rb
|
45
|
-
- lib/ssl_routes/
|
46
|
-
- lib/ssl_routes/rails3.rb
|
47
|
+
- lib/ssl_routes/rails.rb
|
47
48
|
- lib/ssl_routes/version.rb
|
48
49
|
- lib/ssl_routes.rb
|
49
50
|
- test/test_helper.rb
|
data/lib/ssl_routes/rails2.rb
DELETED
@@ -1,71 +0,0 @@
|
|
1
|
-
module SslRoutes::Controller
|
2
|
-
|
3
|
-
def self.included(base)
|
4
|
-
base.extend ClassMethods
|
5
|
-
base.send :include, InstanceMethods
|
6
|
-
base.send :alias_method_chain, :url_for, :ssl_support
|
7
|
-
end
|
8
|
-
|
9
|
-
module ClassMethods
|
10
|
-
|
11
|
-
def enforce_protocols(&block)
|
12
|
-
cattr_accessor :parameter, :secure_session, :enable_ssl
|
13
|
-
self.parameter = :protocol
|
14
|
-
self.secure_session = false
|
15
|
-
self.enable_ssl = false
|
16
|
-
yield self if block_given?
|
17
|
-
before_filter :ensure_protocol if self.enable_ssl
|
18
|
-
end
|
19
|
-
|
20
|
-
end
|
21
|
-
|
22
|
-
module InstanceMethods
|
23
|
-
|
24
|
-
def url_for_with_ssl_support(options)
|
25
|
-
if self.enable_ssl
|
26
|
-
case options
|
27
|
-
when Hash
|
28
|
-
current_protocol = request.protocol.split(':').first
|
29
|
-
target_protocol = determine_target_protocol(current_protocol, options)
|
30
|
-
if current_protocol != target_protocol
|
31
|
-
options.merge!({ :protocol => target_protocol, :only_path => false })
|
32
|
-
end
|
33
|
-
end
|
34
|
-
end
|
35
|
-
url_for_without_ssl_support(options)
|
36
|
-
end
|
37
|
-
|
38
|
-
private
|
39
|
-
|
40
|
-
def ensure_protocol
|
41
|
-
options = ActionController::Routing::Routes.recognize_path(
|
42
|
-
request.path,
|
43
|
-
ActionController::Routing::Routes.extract_request_environment(request)
|
44
|
-
)
|
45
|
-
current_protocol = request.protocol.split(':').first
|
46
|
-
target_protocol = determine_target_protocol(current_protocol, options)
|
47
|
-
if current_protocol != target_protocol && !request.xhr? && request.get?
|
48
|
-
flash.keep
|
49
|
-
redirect_to "#{target_protocol}://#{request.host_with_port + request.request_uri}"
|
50
|
-
return false
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
def determine_target_protocol(current_protocol, options)
|
55
|
-
protocol = case options[self.parameter]
|
56
|
-
when String then options[self.parameter]
|
57
|
-
when TrueClass then 'https'
|
58
|
-
else 'http'
|
59
|
-
end
|
60
|
-
protocol = current_protocol if [:all, :both].include? options[self.parameter]
|
61
|
-
protocol = 'https' if self.secure_session && current_user
|
62
|
-
protocol = options[:protocol] if options[:protocol]
|
63
|
-
return protocol.split(':').first
|
64
|
-
end
|
65
|
-
|
66
|
-
end
|
67
|
-
|
68
|
-
end
|
69
|
-
|
70
|
-
ActionController::Base.send :include, SslRoutes::Controller
|
71
|
-
ActionController::Routing::Routes.send :remove_recognize_optimized!
|