Permalink
Browse files

Change subdomain to host option

  • Loading branch information...
1 parent cefae59 commit d6d72ebcf1766fe1975e7152a4cceda509f57240 @qrush committed Feb 16, 2011
Showing with 25 additions and 7 deletions.
  1. +9 −5 lib/rack/ssl.rb
  2. +16 −2 test/test_ssl.rb
View
@@ -16,8 +16,8 @@ def initialize(app, options = {})
@hsts = {} if @hsts.nil? || @hsts == true
@hsts = self.class.default_hsts_options.merge(@hsts) if @hsts
- @exclude = options[:exclude]
- @subdomain = options[:subdomain]
+ @exclude = options[:exclude]
+ @host = options[:host]
end
def call(env)
@@ -46,10 +46,14 @@ def scheme(env)
end
def redirect_to_https(env)
- req = Request.new(env)
- location = "https://#{[@subdomain, req.host].compact.join('.')}#{req.fullpath}"
+ req = Request.new(env)
+ url = URI(req.url)
+ url.scheme = "https"
+ url.host = @host if @host
+ headers = hsts_headers.merge('Content-Type' => 'text/html',
+ 'Location' => url.to_s)
- [301, hsts_headers.merge({'Content-Type' => "text/html", 'Location' => location}), []]
+ [301, headers, []]
end
# http://tools.ietf.org/html/draft-hodges-strict-transport-sec-02
View
@@ -89,10 +89,24 @@ def test_no_cookies
assert !last_response.headers['Set-Cookie']
end
- def test_redirect_to_secure_subdomain
- self.app = Rack::SSL.new(default_app, :subdomain => "ssl")
+ def test_redirect_to_host
+ self.app = Rack::SSL.new(default_app, :host => "ssl.example.org")
get "http://example.org/path?key=value"
assert_equal "https://ssl.example.org/path?key=value",
last_response.headers['Location']
end
+
+ def test_redirect_to_secure_host_when_on_subdomain
+ self.app = Rack::SSL.new(default_app, :host => "ssl.example.org")
+ get "http://ssl.example.org/path?key=value"
+ assert_equal "https://ssl.example.org/path?key=value",
+ last_response.headers['Location']
+ end
+
+ def test_redirect_to_secure_subdomain_when_on_deep_subdomain
+ self.app = Rack::SSL.new(default_app, :host => "example.co.uk")
+ get "http://double.rainbow.what.does.it.mean.example.co.uk/path?key=value"
+ assert_equal "https://example.co.uk/path?key=value",
+ last_response.headers['Location']
+ end
end

0 comments on commit d6d72eb

Please sign in to comment.