Permalink
Commits on Mar 23, 2014
  1. Rack::SSL 1.4.1

    josh committed Mar 23, 2014
  2. Merge branch '1.3.x'

    josh committed Mar 23, 2014
    Conflicts:
    	lib/rack/ssl.rb
    	rack-ssl.gemspec
  3. Rack::SSL 1.3.4

    josh committed Mar 23, 2014
  4. Merge pull request #34 from josh/skip-uri-validation

    josh committed Mar 23, 2014
    Skip URI parsing Request#url
Commits on Mar 21, 2014
  1. Skip URI parsing Request#url

    josh committed Mar 21, 2014
    URI may fail to parse some legit URL paths
Commits on Mar 17, 2014
  1. Rack::SSL 1.4.0

    josh committed Mar 17, 2014
  2. Merge pull request #29 from karmi/patch-1

    josh committed Mar 17, 2014
    Added more installation/usage instructions into the README
  3. Merge pull request #31 from gomore/master

    josh committed Mar 17, 2014
    Handle bad URIs gracefully
Commits on Mar 14, 2014
  1. Update test 404 -> 400

    chopmo committed Mar 14, 2014
  2. Include Content-Type in 400 response

    chopmo committed Mar 14, 2014
    To stay compatible with old Rack versions.
  3. Merge pull request #27 from gbuesing/hstsfix

    josh committed Mar 14, 2014
    As per spec, don't include STS header in non-https responses
  4. Merge pull request #23 from jordimassaguerpla/master

    josh committed Mar 14, 2014
    add license information to the gemspec
Commits on Mar 13, 2014
Commits on Aug 24, 2013
Commits on Jul 9, 2013
  1. Handle bad URIs gracefully.

    xaviershay committed Jul 9, 2013
    Some adapters (i.e. jruby-rack) will pass through bad URIs, then display
    the resulting exception. This creates an attack vector for XSS attacks.
Commits on Jun 24, 2013
Commits on Feb 6, 2013
  1. add license information to gemspec

    jordimassaguerpla committed Feb 6, 2013
    this way we can use it with rubygems.org API
Commits on Jan 29, 2013
  1. Rack::SSL 1.3.3

    josh committed Jan 29, 2013
  2. Merge pull request #21 from rkh/redirect-307

    josh committed Jan 29, 2013
    use status 307 for anything but GET or HEAD
Commits on Sep 26, 2012
  1. Revert "Merge pull request #7 from bartt/master"

    josh committed Sep 26, 2012
    This reverts commit 6a6c15d, reversing
    changes made to 239e2d4.
Commits on Jun 10, 2011
  1. Merge pull request #7 from bartt/master

    josh committed Jun 10, 2011
    Also allow the SSL port to be specified
Commits on Jun 3, 2011
  1. - Add :port to options

    Bart Teeuwisse committed Jun 3, 2011
Commits on Mar 24, 2011
  1. Rack::SSL 1.3.2

    josh committed Mar 24, 2011
  2. Rack::SSL 1.3.1

    josh committed Mar 24, 2011
  3. Remove deps.rip

    josh committed Mar 24, 2011
Commits on Mar 23, 2011
  1. Split out the test.

    eric committed Mar 23, 2011
Commits on Feb 16, 2011
  1. Rack::SSL 1.3.0

    josh committed Feb 16, 2011
  2. Add gemspec

    josh committed Feb 16, 2011
  3. Merge pull request #2 from qrush/rack-ssl

    josh committed Feb 16, 2011
    ---
    
    So a bug with my last patch was if you accessed a subdomain on http, you got redirected with that subdomain + the subdomain you specified...for example
    
    `http://ssl.example.com => https://ssl.ssl.example.com`
    
    I tried to keep the subdomain option to handle this, but parsing this kind of stuff is hard. Eventually I found https://github.com/pauldix/domainatrix but I dont think this library needs a dependency on it, so I just switched the `:subdomain` option to `:host`.
  4. Change subdomain to host option

    qrush committed Feb 16, 2011
Commits on Jan 12, 2011
  1. Rack::SSL 1.2.0

    josh committed Jan 12, 2011