Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Request#scheme returns 'https' if forwarded protocol headers are set

  • Loading branch information...
commit dda892d60daff0fe7289008a4153fa628dcc8d11 1 parent 1598f87
@josh josh authored
Showing with 24 additions and 7 deletions.
  1. +14 −6 lib/rack/request.rb
  2. +10 −1 test/spec_request.rb
View
20 lib/rack/request.rb
@@ -22,7 +22,6 @@ def initialize(env)
end
def body; @env["rack.input"] end
- def scheme; @env["rack.url_scheme"] end
def script_name; @env["SCRIPT_NAME"].to_s end
def path_info; @env["PATH_INFO"].to_s end
def request_method; @env["REQUEST_METHOD"] end
@@ -63,6 +62,20 @@ def content_charset
media_type_params['charset']
end
+ def scheme
+ if @env['HTTPS'] == 'on'
+ 'https'
+ elsif @env['HTTP_X_FORWARDED_PROTO']
+ @env['HTTP_X_FORWARDED_PROTO']
+ else
+ @env["rack.url_scheme"]
+ end
+ end
+
+ def ssl?
+ scheme == 'https'
+ end
+
def host_with_port
if forwarded = @env["HTTP_X_FORWARDED_HOST"]
forwarded.split(/,\s?/).last
@@ -265,11 +278,6 @@ def ip
end
end
- def ssl?
- (@env['HTTPS'] == 'on' || @env['HTTP_X_FORWARDED_PROTO'] == 'https') ||
- (@env['rack.url_scheme'] == 'https')
- end
-
protected
def parse_query(qs)
Utils.parse_nested_query(qs)
View
11 test/spec_request.rb
@@ -229,20 +229,29 @@
req.should.be.xhr
end
- should "figure out if using ssl" do
+ should "ssl detection" do
request = Rack::Request.new(Rack::MockRequest.env_for("/"))
+ request.scheme.should.equal "http"
request.should.not.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTPS' => 'on'))
+ request.scheme.should.equal "https"
request.should.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'rack.url_scheme' => 'https'))
+ request.scheme.should.equal "https"
request.should.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTP_HOST' => 'www.example.org:8080'))
+ request.scheme.should.equal "http"
request.should.not.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTP_HOST' => 'www.example.org:8443', 'HTTPS' => 'on'))
+ request.scheme.should.equal "https"
+ request.should.be.ssl?
+
+ request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTP_X_FORWARDED_PROTO' => 'https'))
+ request.scheme.should.equal "https"
request.should.be.ssl?
end

2 comments on commit dda892d

@josevalim
Owner

+1

@josh

Not that it really matters but checking @env['HTTPS'] == 'on' seems unnecessary because most rack servers set rack.scheme according to it when the env is built. It doesn't hurt though.

Please sign in to comment.
Something went wrong with that request. Please try again.