Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

SSL should not be disabled by default in any environment.

  • Loading branch information...
commit ab838900f8a5fac4ad251257a77ae0edf7543942 1 parent ed988ee
@pat pat authored pixeltrix committed
View
2  actionpack/lib/action_controller/metal/force_ssl.rb
@@ -26,7 +26,7 @@ module ClassMethods
def force_ssl(options = {})
host = options.delete(:host)
before_filter(options) do
- if !request.ssl? && !Rails.env.development?
+ unless request.ssl?
redirect_options = {:protocol => 'https://', :status => :moved_permanently}
redirect_options.merge!(:host => host) if host
redirect_options.merge!(:params => request.query_parameters)
View
14 actionpack/test/controller/force_ssl_test.rb
@@ -109,20 +109,6 @@ def test_cheeseburger_redirects_to_https
end
end
-class ForceSSLExcludeDevelopmentTest < ActionController::TestCase
- tests ForceSSLControllerLevel
-
- def setup
- Rails.env.stubs(:development?).returns(false)
- end
-
- def test_development_environment_not_redirects_to_https
- Rails.env.stubs(:development?).returns(true)
- get :banana
- assert_response 200
- end
-end
-
class ForceSSLFlashTest < ActionController::TestCase
tests ForceSSLFlash
Please sign in to comment.
Something went wrong with that request. Please try again.