Always use the provided port for protocol relative urls

There may be situations where you need to tunnel SSL connections over port 80 so we shouldn't remove it if it has been explicitly provided.

Always use the provided port for protocol relative urls
There may be situations where you need to tunnel SSL connections over port 80 so we shouldn't remove it if it has been explicitly provided.
2378f69e · Andrew White · be93d94e · 2378f69e · 2378f69e · 2378f69e
3 changed file
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
+*   Always use the provided port if the protocol is relative.
+
+    Fixes #15043.
+
+    *Guilherme Cavalcanti*, *Andrew White*
+
 *   Moved `params[request_forgery_protection_token]` into its own method
    and improved tests.


--- a/actionpack/lib/action_dispatch/http/url.rb
+++ b/actionpack/lib/action_dispatch/http/url.rb
@@ -135,6 +135,8 @@ def normalize_port(options)
          return nil if options[:port].nil? || options[:port] == false

          case options[:protocol]
+          when "//"
+            options[:port]
          when "https://"
            options[:port].to_i == 443 ? nil : options[:port]
          else

--- a/actionpack/test/dispatch/url_generation_test.rb
+++ b/actionpack/test/dispatch/url_generation_test.rb
@@ -64,18 +64,30 @@ def app

    test "port is extracted from the host" do
      assert_equal "http://www.example.com:8080/foo", foo_url(host: "www.example.com:8080", protocol: "http://")
+      assert_equal "//www.example.com:8080/foo", foo_url(host: "www.example.com:8080", protocol: "//")
+      assert_equal "//www.example.com:80/foo", foo_url(host: "www.example.com:80", protocol: "//")
+    end
+
+    test "port option is used" do
+      assert_equal "http://www.example.com:8080/foo", foo_url(host: "www.example.com", protocol: "http://", port: 8080)
+      assert_equal "//www.example.com:8080/foo", foo_url(host: "www.example.com", protocol: "//", port: 8080)
+      assert_equal "//www.example.com:80/foo", foo_url(host: "www.example.com", protocol: "//", port: 80)
    end

    test "port option overrides the host" do
      assert_equal "http://www.example.com:8080/foo", foo_url(host: "www.example.com:8443", protocol: "http://", port: 8080)
+      assert_equal "//www.example.com:8080/foo", foo_url(host: "www.example.com:8443", protocol: "//", port: 8080)
+      assert_equal "//www.example.com:80/foo", foo_url(host: "www.example.com:443", protocol: "//", port: 80)
    end

    test "port option disables the host when set to nil" do
      assert_equal "http://www.example.com/foo", foo_url(host: "www.example.com:8443", protocol: "http://", port: nil)
+      assert_equal "//www.example.com/foo", foo_url(host: "www.example.com:8443", protocol: "//", port: nil)
    end

    test "port option disables the host when set to false" do
      assert_equal "http://www.example.com/foo", foo_url(host: "www.example.com:8443", protocol: "http://", port: false)
+      assert_equal "//www.example.com/foo", foo_url(host: "www.example.com:8443", protocol: "//", port: false)
    end

    test "keep subdomain when key is true" do