Browse files

Request#scheme returns 'https' if forwarded protocol headers are set

  • Loading branch information...
1 parent 1598f87 commit dda892d60daff0fe7289008a4153fa628dcc8d11 @josh josh committed Oct 26, 2010
Showing with 24 additions and 7 deletions.
  1. +14 −6 lib/rack/request.rb
  2. +10 −1 test/spec_request.rb
View
20 lib/rack/request.rb
@@ -22,7 +22,6 @@ def initialize(env)
end
def body; @env["rack.input"] end
- def scheme; @env["rack.url_scheme"] end
def script_name; @env["SCRIPT_NAME"].to_s end
def path_info; @env["PATH_INFO"].to_s end
def request_method; @env["REQUEST_METHOD"] end
@@ -63,6 +62,20 @@ def content_charset
media_type_params['charset']
end
+ def scheme
+ if @env['HTTPS'] == 'on'
+ 'https'
+ elsif @env['HTTP_X_FORWARDED_PROTO']
+ @env['HTTP_X_FORWARDED_PROTO']
+ else
+ @env["rack.url_scheme"]
+ end
+ end
+
+ def ssl?
+ scheme == 'https'
+ end
+
def host_with_port
if forwarded = @env["HTTP_X_FORWARDED_HOST"]
forwarded.split(/,\s?/).last
@@ -265,11 +278,6 @@ def ip
end
end
- def ssl?
- (@env['HTTPS'] == 'on' || @env['HTTP_X_FORWARDED_PROTO'] == 'https') ||
- (@env['rack.url_scheme'] == 'https')
- end
-
protected
def parse_query(qs)
Utils.parse_nested_query(qs)
View
11 test/spec_request.rb
@@ -229,20 +229,29 @@
req.should.be.xhr
end
- should "figure out if using ssl" do
+ should "ssl detection" do
request = Rack::Request.new(Rack::MockRequest.env_for("/"))
+ request.scheme.should.equal "http"
request.should.not.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTPS' => 'on'))
+ request.scheme.should.equal "https"
request.should.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'rack.url_scheme' => 'https'))
+ request.scheme.should.equal "https"
request.should.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTP_HOST' => 'www.example.org:8080'))
+ request.scheme.should.equal "http"
request.should.not.be.ssl?
request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTP_HOST' => 'www.example.org:8443', 'HTTPS' => 'on'))
+ request.scheme.should.equal "https"
+ request.should.be.ssl?
+
+ request = Rack::Request.new(Rack::MockRequest.env_for("/", 'HTTP_X_FORWARDED_PROTO' => 'https'))
+ request.scheme.should.equal "https"
request.should.be.ssl?
end

2 comments on commit dda892d

@josevalim
Official Rack repositories member

+1

@josh

Not that it really matters but checking @env['HTTPS'] == 'on' seems unnecessary because most rack servers set rack.scheme according to it when the env is built. It doesn't hurt though.

Please sign in to comment.