Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

SSL requirement plugin keeps flash when it redirects. Closes #8649 [r…

…undeks, fogle]
  • Loading branch information...
commit 34a9a138c4093bd7d5678822f8f1e62c31d47299 1 parent aa2dded
@jeremy jeremy authored
Showing with 39 additions and 3 deletions.
  1. +2 −0  lib/ssl_requirement.rb
  2. +37 −3 test/ssl_requirement_test.rb
View
2  lib/ssl_requirement.rb
@@ -51,9 +51,11 @@ def ensure_proper_protocol
if ssl_required? && !request.ssl?
redirect_to "https://" + request.host + request.request_uri
+ flash.keep
return false
elsif request.ssl? && !ssl_required?
redirect_to "http://" + request.host + request.request_uri
+ flash.keep
return false
end
end
View
40 test/ssl_requirement_test.rb
@@ -44,6 +44,10 @@ def c
def d
render :nothing => true
end
+
+ def set_flash
+ flash[:foo] = "bar"
+ end
end
class SslRequirementTest < Test::Unit::TestCase
@@ -53,14 +57,44 @@ def setup
@response = ActionController::TestResponse.new
end
+ def test_redirect_to_https_preserves_flash
+ get :set_flash
+ get :b
+ assert_response :redirect
+ assert_equal "bar", flash[:foo]
+ end
+
+ def test_not_redirecting_to_https_does_not_preserve_the_flash
+ get :set_flash
+ get :d
+ assert_response :success
+ assert_nil flash[:foo]
+ end
+
+ def test_redirect_to_http_preserves_flash
+ get :set_flash
+ @request.env['HTTPS'] = "on"
+ get :d
+ assert_response :redirect
+ assert_equal "bar", flash[:foo]
+ end
+
+ def test_not_redirecting_to_http_does_not_preserve_the_flash
+ get :set_flash
+ @request.env['HTTPS'] = "on"
+ get :a
+ assert_response :success
+ assert_nil flash[:foo]
+ end
+
def test_required_without_ssl
assert_not_equal "on", @request.env["HTTPS"]
get :a
assert_response :redirect
- assert_match %r{^https://}, @response.headers['location']
+ assert_match %r{^https://}, @response.headers['Location']
get :b
assert_response :redirect
- assert_match %r{^https://}, @response.headers['location']
+ assert_match %r{^https://}, @response.headers['Location']
end
def test_required_with_ssl
@@ -81,7 +115,7 @@ def test_disallowed_with_ssl
@request.env['HTTPS'] = "on"
get :d
assert_response :redirect
- assert_match %r{^http://}, @response.headers['location']
+ assert_match %r{^http://}, @response.headers['Location']
end
def test_allowed_without_ssl

0 comments on commit 34a9a13

Please sign in to comment.
Something went wrong with that request. Please try again.