Skip to content
Browse files

ActionController::ForceSSL accepts options for redirect_to

force_ssl can accept options for redirect_to. like status for the http code to use for redirect
  • Loading branch information...
1 parent f415475 commit 47cf659cf1365c0b5b1dfcb35295da171b6beaea @deepak committed Sep 8, 2012
View
12 actionpack/lib/action_controller/metal/force_ssl.rb
@@ -37,10 +37,12 @@ module ClassMethods
# will be called only when it returns a true value.
# * <tt>unless</tt> - A symbol naming an instance method or a proc; the callback
# will be called only when it returns a false value.
+ # * <tt>status</tt> - The http status to to used for redirect, 302-307
def force_ssl(options = {})
host = options.delete(:host)
before_filter(options) do
- force_ssl_redirect(host)
+ [:only, :except, :if, :unless].each {|x| options.delete(x) }
+ force_ssl_redirect(host, options)
end
end
end
@@ -49,10 +51,12 @@ def force_ssl(options = {})
#
# ==== Parameters
# * <tt>host</tt> - Redirect to a different host name
- def force_ssl_redirect(host = nil)
+ def force_ssl_redirect(host = nil, redirect_options={})
unless request.ssl?
- redirect_options = {:protocol => 'https://', :status => :moved_permanently}
- redirect_options.merge!(:host => host) if host
+ redirect_options.delete(:protocol)
+ redirect_options.delete(:params)
+ redirect_options = {:protocol => 'https://', :status => :moved_permanently}.merge(redirect_options)
+ redirect_options.merge!(:host => host) if host && host != :existing
redirect_options.merge!(:params => request.query_parameters)
flash.keep if respond_to?(:flash)
redirect_to redirect_options
View
32 actionpack/test/controller/force_ssl_test.rb
@@ -34,6 +34,10 @@ def use_force_ssl?
end
end
+class ForceSSLWithTemporaryRedirect < ForceSSLController
+ force_ssl :status => :temporary_redirect
+end
+
class ForceSSLFlash < ForceSSLController
force_ssl :except => [:banana, :set_flash, :use_flash]
@@ -56,6 +60,12 @@ def banana
def cheeseburger
force_ssl_redirect('secure.cheeseburger.host') || render(:text => 'ihaz')
end
+ def orange
+ force_ssl_redirect(:existing, status: :temporary_redirect) || render(:text => 'monkey')
+ end
+ def bad_orange
+ force_ssl_redirect(:existing, params: {whoops: "true"}, protocol: "ftp://") || render(:text => 'monkey')
+ end
end
class ForceSSLControllerLevelTest < ActionController::TestCase
@@ -141,6 +151,15 @@ def test_cheeseburger_redirects_to_https
end
end
+class ForceSSLWithTemporaryRedirectTest < ActionController::TestCase
+ tests ForceSSLWithTemporaryRedirect
+
+ def test_banana_redirects_with_http_status_307
+ get :banana
+ assert_response 307
+ end
+end
+
class ForceSSLFlashTest < ActionController::TestCase
tests ForceSSLFlash
@@ -179,4 +198,15 @@ def test_banana_does_not_redirect_if_already_https
assert_response 200
assert_equal 'ihaz', response.body
end
-end
+
+ def test_orange_redirects_with_http_status_307
+ get :orange
+ assert_response 307
+ assert_equal "https://test.host/redirect_to_ssl/orange", redirect_to_url
+ end
+
+ def test_bad_orange_ignores_protocol_and_params
+ get :bad_orange
+ assert_equal "https://test.host/redirect_to_ssl/bad_orange", redirect_to_url
+ end
+end

0 comments on commit 47cf659

Please sign in to comment.
Something went wrong with that request. Please try again.