未验证
提交
fda5afeb
编写于
6月 19, 2016
作者:
R
Rafael Mendonça França
Remove deprecated code in ssl middleware
上级
2ca83c4a
变更
4
Showing
4 changed file
with
23 addition
and
62 deletion
+23
-62
actionpack/CHANGELOG.md
actionpack/CHANGELOG.md
+8
-0
actionpack/lib/action_dispatch/middleware/ssl.rb
actionpack/lib/action_dispatch/middleware/ssl.rb
+3
-21
actionpack/test/dispatch/ssl_test.rb
actionpack/test/dispatch/ssl_test.rb
+10
-39
railties/test/application/middleware_test.rb
railties/test/application/middleware_test.rb
+2
-2
actionpack/CHANGELOG.md
*
Change HSTS subdomain to true.
*Rafael Mendonça França*
*
Remove deprecated
`host`
and
`port`
ssl options.
*Rafael Mendonça França*
*
Remove deprecated
`const_error`
argument in
*
Remove deprecated
`const_error`
argument in
`ActionDispatch::Session::SessionRestoreError#initialize`
.
`ActionDispatch::Session::SessionRestoreError#initialize`
.
...
...
actionpack/lib/action_dispatch/middleware/ssl.rb
...
@@ -45,35 +45,17 @@ class SSL
...
@@ -45,35 +45,17 @@ class SSL
HSTS_EXPIRES_IN
=
15552000
HSTS_EXPIRES_IN
=
15552000
def
self
.
default_hsts_options
def
self
.
default_hsts_options
{
expires:
HSTS_EXPIRES_IN
,
subdomains:
fals
e
,
preload:
false
}
{
expires:
HSTS_EXPIRES_IN
,
subdomains:
tru
e
,
preload:
false
}
end
end
def
initialize
(
app
,
redirect:
{},
hsts:
{},
secure_cookies:
true
,
**
options
)
def
initialize
(
app
,
redirect:
{},
hsts:
{},
secure_cookies:
true
)
@app
=
app
@app
=
app
if
options
[
:host
]
||
options
[
:port
]
@redirect
=
redirect
ActiveSupport
::
Deprecation
.
warn
<<-
end_warning
.
strip_heredoc
The `:host` and `:port` options are moving within `:redirect`:
`config.ssl_options = { redirect: { host: …, port: … } }`.
end_warning
@redirect
=
options
.
slice
(
:host
,
:port
)
else
@redirect
=
redirect
end
@exclude
=
@redirect
&&
@redirect
[
:exclude
]
||
proc
{
!
@redirect
}
@exclude
=
@redirect
&&
@redirect
[
:exclude
]
||
proc
{
!
@redirect
}
@secure_cookies
=
secure_cookies
@secure_cookies
=
secure_cookies
if
hsts
!=
true
&&
hsts
!=
false
&&
hsts
[
:subdomains
].
nil?
hsts
[
:subdomains
]
=
false
ActiveSupport
::
Deprecation
.
warn
<<-
end_warning
.
strip_heredoc
In Rails 5.1, The `:subdomains` option of HSTS config will be treated as true if
unspecified. Set `config.ssl_options = { hsts: { subdomains: false } }` to opt out
of this behavior.
end_warning
end
@hsts_header
=
build_hsts_header
(
normalize_hsts_options
(
hsts
))
@hsts_header
=
build_hsts_header
(
normalize_hsts_options
(
hsts
))
end
end
...
...
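Review bot: The flipped default in `default_hsts_options` (`subdomains: true`) carries no comment on its operational effect. Judging by the updated test expectations, an app that enables HSTS without an explicit `:subdomains` now emits `includeSubDomains`, and browsers keep that policy for `HSTS_EXPIRES_IN` (15552000 seconds) on every subdomain of the host, including any that do not serve HTTPS. I would add a comment above the method such as `# subdomains defaults to true: the policy covers every subdomain, so confirm all of them serve HTTPS or pass hsts: { subdomains: false }`. The class-level documentation sits above this hunk and is not visible here, so it should be checked that it states the new default.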
actionpack/test/dispatch/ssl_test.rb
...
@@ -12,25 +12,16 @@ def build_app(headers: {}, ssl_options: {})
...
@@ -12,25 +12,16 @@ def build_app(headers: {}, ssl_options: {})
end
end
class
RedirectSSLTest
<
SSLTest
class
RedirectSSLTest
<
SSLTest
def
assert_not_redirected
(
url
,
headers:
{},
redirect:
{},
deprecated_host:
nil
,
def
assert_not_redirected
(
url
,
headers:
{},
redirect:
{})
deprecated_port:
nil
)
self
.
app
=
build_app
ssl_options:
{
redirect:
redirect
}
self
.
app
=
build_app
ssl_options:
{
redirect:
redirect
,
host:
deprecated_host
,
port:
deprecated_port
}
get
url
,
headers:
headers
get
url
,
headers:
headers
assert_response
:ok
assert_response
:ok
end
end
def
assert_redirected
(
redirect:
{},
deprecated_host:
nil
,
deprecated_port:
nil
,
def
assert_redirected
(
redirect:
{},
from:
"http://a/b?c=d"
,
to:
from
.
sub
(
"http"
,
"https"
))
from:
"http://a/b?c=d"
,
to:
from
.
sub
(
"http"
,
"https"
))
redirect
=
{
status:
301
,
body:
[]
}.
merge
(
redirect
)
redirect
=
{
status:
301
,
body:
[]
}.
merge
(
redirect
)
self
.
app
=
build_app
ssl_options:
{
redirect:
redirect
,
self
.
app
=
build_app
ssl_options:
{
redirect:
redirect
}
host:
deprecated_host
,
port:
deprecated_port
}
get
from
get
from
assert_response
redirect
[
:status
]
||
301
assert_response
redirect
[
:status
]
||
301
...
@@ -99,18 +90,6 @@ def assert_post_redirected(redirect: {}, from: "http://a/b?c=d",
...
@@ -99,18 +90,6 @@ def assert_post_redirected(redirect: {}, from: "http://a/b?c=d",
assert_redirected
redirect:
{
host:
"ssl:443"
},
to:
"https://ssl:443/b?c=d"
assert_redirected
redirect:
{
host:
"ssl:443"
},
to:
"https://ssl:443/b?c=d"
end
end
test
":host is deprecated, moved within redirect: { host: … }"
do
assert_deprecated
do
assert_redirected
deprecated_host:
"foo"
,
to:
"https://foo/b?c=d"
end
end
test
":port is deprecated, moved within redirect: { port: … }"
do
assert_deprecated
do
assert_redirected
deprecated_port:
1
,
to:
"https://a:1/b?c=d"
end
end
test
"no redirect with redirect set to false"
do
test
"no redirect with redirect set to false"
do
assert_not_redirected
"http://example.org"
,
redirect:
false
assert_not_redirected
"http://example.org"
,
redirect:
false
end
end
...
@@ -139,23 +118,19 @@ def assert_hsts(expected, url: "https://example.org", hsts: { subdomains: true }
...
@@ -139,23 +118,19 @@ def assert_hsts(expected, url: "https://example.org", hsts: { subdomains: true }
end
end
test
"hsts: true enables default settings"
do
test
"hsts: true enables default settings"
do
assert_hsts
EXPECTED
,
hsts:
true
assert_hsts
EXPECTED
_WITH_SUBDOMAINS
,
hsts:
true
end
end
test
"hsts: false sets max-age to zero, clearing browser HSTS settings"
do
test
"hsts: false sets max-age to zero, clearing browser HSTS settings"
do
assert_hsts
"max-age=0"
,
hsts:
false
assert_hsts
"max-age=0
; includeSubDomains
"
,
hsts:
false
end
end
test
":expires sets max-age"
do
test
":expires sets max-age"
do
assert_deprecated
do
assert_hsts
"max-age=500; includeSubDomains"
,
hsts:
{
expires:
500
}
assert_hsts
"max-age=500"
,
hsts:
{
expires:
500
}
end
end
end
test
":expires supports AS::Duration arguments"
do
test
":expires supports AS::Duration arguments"
do
assert_deprecated
do
assert_hsts
"max-age=31557600; includeSubDomains"
,
hsts:
{
expires:
1
.
year
}
assert_hsts
"max-age=31557600"
,
hsts:
{
expires:
1
.
year
}
end
end
end
test
"include subdomains"
do
test
"include subdomains"
do
...
@@ -167,15 +142,11 @@ def assert_hsts(expected, url: "https://example.org", hsts: { subdomains: true }
...
@@ -167,15 +142,11 @@ def assert_hsts(expected, url: "https://example.org", hsts: { subdomains: true }
end
end
test
"opt in to browser preload lists"
do
test
"opt in to browser preload lists"
do
assert_deprecated
do
assert_hsts
"
#{
EXPECTED_WITH_SUBDOMAINS
}
; preload"
,
hsts:
{
preload:
true
}
assert_hsts
"
#{
EXPECTED
}
; preload"
,
hsts:
{
preload:
true
}
end
end
end
test
"opt out of browser preload lists"
do
test
"opt out of browser preload lists"
do
assert_deprecated
do
assert_hsts
EXPECTED_WITH_SUBDOMAINS
,
hsts:
{
preload:
false
}
assert_hsts
EXPECTED
,
hsts:
{
preload:
false
}
end
end
end
end
end
...
...
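Review bot: Nothing in this file pins what now happens when a caller still passes the removed top-level `host:` or `port:` options. The two deprecation tests are deleted and `initialize` no longer accepts `**options`, so such a config presumably raises `ArgumentError` when the middleware is built. A regression test would keep that from ever turning into a silent ignore, which would leave redirects pointing at the request host instead of the configured one. Something like `assert_raises(ArgumentError) { build_app ssl_options: { host: "foo" } }` would do, assuming `build_app` (defined above this hunk, body not visible) constructs the middleware eagerly.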
railties/test/application/middleware_test.rb
...
@@ -100,10 +100,10 @@ def app
...
@@ -100,10 +100,10 @@ def app
test
"ActionDispatch::SSL is configured with options when given"
do
test
"ActionDispatch::SSL is configured with options when given"
do
add_to_config
"config.force_ssl = true"
add_to_config
"config.force_ssl = true"
add_to_config
"config.ssl_options = {
host: 'example.com'
}"
add_to_config
"config.ssl_options = {
redirect: { host: 'example.com' }
}"
boot!
boot!
assert_equal
[{
host:
"example.com"
}],
Rails
.
application
.
middleware
.
first
.
args
assert_equal
[{
redirect:
{
host:
"example.com"
}
}],
Rails
.
application
.
middleware
.
first
.
args
end
end
test
"removing Active Record omits its middleware"
do
test
"removing Active Record omits its middleware"
do
...
...