Change subdomain to host option

mkristian · Feb 16, 2011 · d6d72eb · d6d72eb
1 parent cefae59
commit d6d72eb
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 7 deletions.
diff --git a/lib/rack/ssl.rb b/lib/rack/ssl.rb
@@ -16,8 +16,8 @@ def initialize(app, options = {})
       @hsts = {} if @hsts.nil? || @hsts == true
       @hsts = self.class.default_hsts_options.merge(@hsts) if @hsts
 
-      @exclude   = options[:exclude]
-      @subdomain = options[:subdomain]
+      @exclude = options[:exclude]
+      @host    = options[:host]
     end
 
     def call(env)
@@ -46,10 +46,14 @@ def scheme(env)
       end
 
       def redirect_to_https(env)
-        req      = Request.new(env)
-        location = "https://#{[@subdomain, req.host].compact.join('.')}#{req.fullpath}"
+        req        = Request.new(env)
+        url        = URI(req.url)
+        url.scheme = "https"
+        url.host   = @host if @host
+        headers    = hsts_headers.merge('Content-Type' => 'text/html',
+                                        'Location'     => url.to_s)
 
-        [301, hsts_headers.merge({'Content-Type' => "text/html", 'Location' => location}), []]
+        [301, headers, []]
       end
 
       # http://tools.ietf.org/html/draft-hodges-strict-transport-sec-02

diff --git a/test/test_ssl.rb b/test/test_ssl.rb
@@ -89,10 +89,24 @@ def test_no_cookies
     assert !last_response.headers['Set-Cookie']
   end
 
-  def test_redirect_to_secure_subdomain
-    self.app = Rack::SSL.new(default_app, :subdomain => "ssl")
+  def test_redirect_to_host
+    self.app = Rack::SSL.new(default_app, :host => "ssl.example.org")
     get "http://example.org/path?key=value"
     assert_equal "https://ssl.example.org/path?key=value",
       last_response.headers['Location']
   end
+
+  def test_redirect_to_secure_host_when_on_subdomain
+    self.app = Rack::SSL.new(default_app, :host => "ssl.example.org")
+    get "http://ssl.example.org/path?key=value"
+    assert_equal "https://ssl.example.org/path?key=value",
+      last_response.headers['Location']
+  end
+
+  def test_redirect_to_secure_subdomain_when_on_deep_subdomain
+    self.app = Rack::SSL.new(default_app, :host => "example.co.uk")
+    get "http://double.rainbow.what.does.it.mean.example.co.uk/path?key=value"
+    assert_equal "https://example.co.uk/path?key=value",
+      last_response.headers['Location']
+  end
 end