Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
张重言
rails
提交
caa6fb3e
R
rails
项目概览
张重言
/
rails
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
rails
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
caa6fb3e
编写于
2月 28, 2016
作者:
K
Kasper Timm Hansen
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #22591 from gregmolnar/ssl
add `constraint_to` option to SSL middleware
上级
d44a3c05
97b9e32d
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
13 addition
and
2 deletion
+13
-2
actionpack/lib/action_dispatch/middleware/ssl.rb
actionpack/lib/action_dispatch/middleware/ssl.rb
+6
-2
actionpack/test/dispatch/ssl_test.rb
actionpack/test/dispatch/ssl_test.rb
+7
-0
未找到文件。
actionpack/lib/action_dispatch/middleware/ssl.rb
浏览文件 @
caa6fb3e
...
...
@@ -34,6 +34,10 @@ module ActionDispatch
# original HSTS directive until it expires. Instead, use the header to tell browsers to
# expire HSTS immediately. Setting `hsts: false` is a shortcut for
# `hsts: { expires: 0 }`.
#
# Redirection can be constrained to only whitelisted requests with `constrain_to`:
#
# config.ssl_options = { redirect: { constrain_to: -> request { request.path !~ /healthcheck/ } } }
class
SSL
# Default to 180 days, the low end for https://www.ssllabs.com/ssltest/
# and greater than the 18-week requirement for browser preload lists.
...
...
@@ -55,7 +59,7 @@ def initialize(app, redirect: {}, hsts: {}, secure_cookies: true, **options)
else
@redirect
=
redirect
end
@constrain_to
=
@redirect
&&
@redirect
[
:constrain_to
]
||
proc
{
@redirect
}
@secure_cookies
=
secure_cookies
if
hsts
!=
true
&&
hsts
!=
false
&&
hsts
[
:subdomains
].
nil?
...
...
@@ -80,7 +84,7 @@ def call(env)
flag_cookies_as_secure!
headers
if
@secure_cookies
end
else
return
redirect_to_https
request
if
@
redirect
return
redirect_to_https
request
if
@
constrain_to
.
call
(
request
)
@app
.
call
(
env
)
end
end
...
...
actionpack/test/dispatch/ssl_test.rb
浏览文件 @
caa6fb3e
...
...
@@ -39,6 +39,13 @@ def assert_redirected(redirect: {}, deprecated_host: nil, deprecated_port: nil,
assert_equal
redirect
[
:body
].
join
,
@response
.
body
end
test
'constrain to can avoid redirect'
do
constraining
=
{
constrain_to:
->
request
{
request
.
path
!~
/healthcheck/
}
}
assert_not_redirected
'http://example.org/healthcheck'
,
redirect:
constraining
assert_redirected
from:
'http://example.org/'
,
redirect:
constraining
end
test
'https is not redirected'
do
assert_not_redirected
'https://example.org'
end
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录