Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Request#scheme returns 'https' if forwarded protocol headers are set

  • Loading branch information...
commit dda892d60daff0fe7289008a4153fa628dcc8d11 1 parent 1598f87
Joshua Peek josh authored
Showing with 24 additions and 7 deletions.
  1. +14 −6 lib/rack/request.rb
  2. +10 −1 test/spec_request.rb
20 lib/rack/request.rb
View
@@ -22,7 +22,6 @@ def initialize(env)
end
def body; @env["rack.input"] end
- def scheme; @env["rack.url_scheme"] end
def script_name; @env["SCRIPT_NAME"].to_s end
def path_info; @env["PATH_INFO"].to_s end
def request_method; @env["REQUEST_METHOD"] end
@@ -63,6 +62,20 @@ def content_charset
media_type_params['charset']
end
+ def scheme
+ if @env['HTTPS'] == 'on'
+ 'https'
+ elsif @env['HTTP_X_FORWARDED_PROTO']
+ @env['HTTP_X_FORWARDED_PROTO']
+ else
+ @env["rack.url_scheme"]
+ end
+ end
+
+ def ssl?
+ scheme == 'https'
+ end
+
def host_with_port
if forwarded = @env["HTTP_X_FORWARDED_HOST"]
forwarded.split(/,\s?/).last
@@ -265,11 +278,6 @@ def ip
end
end
- def ssl?
- (@env['HTTPS'] == 'on' || @env['HTTP_X_FORWARDED_PROTO'] == 'https') ||
- (@env['rack.url_scheme'] == 'https')
- end
-
protected
def parse_query(qs)
Utils.parse_nested_query(qs)
11 test/spec_request.rb
View
@@ -229,20 +229,29 @@
req.should.be.xhr
end
- should "figure out if using ssl" do
+ should "ssl detection" do
request = Rack::Request.new(Rack::MockRequest.env_for("/"))
+ request.scheme.should.equal "http"
request.should.not.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTPS' => 'on'))
+ request.scheme.should.equal "https"
request.should.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'rack.url_scheme' => 'https'))
+ request.scheme.should.equal "https"
request.should.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTP_HOST' => 'www.example.org:8080'))
+ request.scheme.should.equal "http"
request.should.not.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTP_HOST' => 'www.example.org:8443', 'HTTPS' => 'on'))
+ request.scheme.should.equal "https"
+ request.should.be.ssl?
+
+ request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTP_X_FORWARDED_PROTO' => 'https'))
+ request.scheme.should.equal "https"
request.should.be.ssl?
end

2 comments on commit dda892d

José Valim
Owner

+1

Joshua Peek

Not that it really matters but checking @env['HTTPS'] == 'on' seems unnecessary because most rack servers set rack.scheme according to it when the env is built. It doesn't hurt though.

Please sign in to comment.
Something went wrong with that request. Please try again.