Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: master

Mar 23, 2014

  1. Joshua Peek

    Rack::SSL 1.4.1

    authored March 23, 2014
  2. Joshua Peek

    Merge branch '1.3.x'

    Conflicts:
    	lib/rack/ssl.rb
    	rack-ssl.gemspec
    authored March 23, 2014
  3. Joshua Peek

    Rack::SSL 1.3.4

    authored March 23, 2014
  4. Joshua Peek

    Merge pull request #34 from josh/skip-uri-validation

    Skip URI parsing Request#url
    authored March 23, 2014

Mar 21, 2014

  1. Joshua Peek

    Skip URI parsing Request#url

    URI may fail to parse some legit URL paths
    authored March 21, 2014

Mar 17, 2014

  1. Joshua Peek

    Rack::SSL 1.4.0

    authored March 17, 2014
  2. Joshua Peek

    Merge pull request #29 from karmi/patch-1

    Added more installation/usage instructions into the README
    authored March 17, 2014
  3. Joshua Peek

    Merge pull request #31 from gomore/master

    Handle bad URIs gracefully
    authored March 17, 2014

Mar 14, 2014

  1. Jacob Tjoernholm

    Update test 404 -> 400

    authored March 14, 2014
  2. Jacob Tjoernholm

    Include Content-Type in 400 response

    To stay compatible with old Rack versions.
    authored March 14, 2014
  3. Joshua Peek

    Merge pull request #27 from gbuesing/hstsfix

    As per spec, don't include STS header in non-https responses
    authored March 14, 2014
  4. Joshua Peek

    Merge pull request #23 from jordimassaguerpla/master

    add license information to the gemspec
    authored March 14, 2014

Mar 13, 2014

  1. Jacob Tjoernholm

    Return 400 instead of 404 in case of InvalidURIError

    authored March 13, 2014

Aug 24, 2013

  1. Karel Minarik

    Added more installation/usage instructions into the README

    authored August 24, 2013

Jul 09, 2013

  1. Xavier Shay

    Handle bad URIs gracefully.

    Some adapters (i.e. jruby-rack) will pass through bad URIs, then display
    the resulting exception. This creates an attack vector for XSS attacks.
    authored July 09, 2013

Jun 24, 2013

  1. Geoff Buesing

    As per spec, don't include STS header in non-https responses

    authored June 23, 2013

Feb 06, 2013

  1. Jordi Massaguer Pla

    add license information to gemspec

    this way we can use it with rubygems.org API
    authored February 06, 2013

Jan 29, 2013

  1. Joshua Peek

    Rack::SSL 1.3.3

    authored January 29, 2013
  2. Joshua Peek

    Merge pull request #21 from rkh/redirect-307

    use status 307 for anything but GET or HEAD
    authored January 29, 2013
  3. Konstantin Haase

    use status 307 for anything but GET or HEAD

    authored January 29, 2013

Sep 26, 2012

  1. Joshua Peek

    Revert "Merge pull request #7 from bartt/master"

    This reverts commit 6a6c15d, reversing
    changes made to 239e2d4.
    authored September 26, 2012

Jun 10, 2011

  1. Joshua Peek

    Merge pull request #7 from bartt/master

    Also allow the SSL port to be specified
    authored June 10, 2011

Jun 03, 2011

  1. - Add :port to options

    authored June 03, 2011

Mar 24, 2011

  1. Joshua Peek

    Rack::SSL 1.3.2

    authored March 24, 2011
  2. Joshua Peek

    Fix array set-cookie headers in rack 1.1

    authored March 24, 2011
  3. Joshua Peek

    Rack::SSL 1.3.1

    authored March 23, 2011
  4. Joshua Peek

    Remove deps.rip

    authored March 23, 2011

Mar 23, 2011

  1. Eric Lindvall

    Be even more careful about our "secure" parsing.

    authored March 23, 2011
  2. Eric Lindvall

    Split out the test.

    authored March 23, 2011
  3. Eric Lindvall

    Make sure a "secure" directive at the end of a cookie is noticed.

    authored March 23, 2011

Feb 16, 2011

  1. Joshua Peek

    Rack::SSL 1.3.0

    authored February 16, 2011
  2. Joshua Peek

    Add gemspec

    authored February 16, 2011
  3. Joshua Peek

    Merge pull request #2 from qrush/rack-ssl

    ---
    
    So a bug with my last patch was if you accessed a subdomain on http, you got redirected with that subdomain + the subdomain you specified...for example
    
    `http://ssl.example.com => https://ssl.ssl.example.com`
    
    I tried to keep the subdomain option to handle this, but parsing this kind of stuff is hard. Eventually I found https://github.com/pauldix/domainatrix but I dont think this library needs a dependency on it, so I just switched the `:subdomain` option to `:host`.
    authored February 16, 2011
  4. Nick Quaranto

    Change subdomain to host option

    authored February 16, 2011

Jan 12, 2011

  1. Joshua Peek

    Rack::SSL 1.2.0

    authored January 12, 2011
Something went wrong with that request. Please try again.