Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Browse files

Merge pull request #3710 from dmathieu/cherry-pick-ssl-config

Cherry pick ssl config
  • Loading branch information...
commit 3df6c73f9edb3a99f0d51d827ef13a439f31743a 2 parents e9474c8 + dcafc76
@josevalim josevalim authored
2  railties/guides/source/configuring.textile
@@ -181,7 +181,7 @@ h4. Configuring Middleware
Every Rails application comes with a standard set of middleware which it uses in this order in the development environment:
-* +Rack::SSL+ Will force every request to be under HTTPS protocol. Will be available if +config.force_ssl+ is set to +true+.
+* +Rack::SSL+ Will force every request to be under HTTPS protocol. Will be available if +config.force_ssl+ is set to +true+. Options passed to this can be configured by using +config.ssl_options+.
* +ActionDispatch::Static+ is used to serve static assets. Disabled if +config.serve_static_assets+ is +true+.
* +Rack::Lock+ Will wrap the app in mutex so it can only be called by a single thread at a time. Only enabled if +config.action_controller.allow_concurrency+ is set to +false+, which it is by default.
* +ActiveSupport::Cache::Strategy::LocalCache+ Serves as a basic memory backed cache. This cache is not thread safe and is intended only for serving as a temporary memory cache for a single thread.
2  railties/lib/rails/application.rb
@@ -151,7 +151,7 @@ def default_middleware_stack
if config.force_ssl
require "rack/ssl"
- middleware.use ::Rack::SSL
+ middleware.use ::Rack::SSL, config.ssl_options
if config.serve_static_assets
4 railties/lib/rails/application/configuration.rb
@@ -10,7 +10,8 @@ class Configuration < ::Rails::Engine::Configuration
:dependency_loading, :filter_parameters,
:force_ssl, :helpers_paths, :logger, :preload_frameworks,
:reload_plugins, :secret_token, :serve_static_assets,
- :static_cache_control, :session_options, :time_zone, :whiny_nils
+ :ssl_options, :static_cache_control, :session_options,
+ :time_zone, :whiny_nils
attr_writer :log_level
attr_reader :encoding
@@ -26,6 +27,7 @@ def initialize(*)
@serve_static_assets = true
@static_cache_control = nil
@force_ssl = false
+ @ssl_options = {}
@session_store = :cookie_store
@session_options = {}
@time_zone = "UTC"
8 railties/test/application/middleware_test.rb
@@ -61,6 +61,14 @@ def app
assert middleware.include?("Rack::SSL")
+ test "Rack::SSL is configured with options when given" do
+ add_to_config "config.force_ssl = true"
+ add_to_config "config.ssl_options = { :host => '' }"
+ boot!
+ assert_equal AppTemplate::Application.middleware.first.args, [{:host => ''}]
+ end
test "removing Active Record omits its middleware" do
use_frameworks []
Please sign in to comment.
Something went wrong with that request. Please try again.