Rack::SslEnforcer is a simple Rack middleware to enforce ssl connections
sudo gem install rack-ssl-enforcer -s http://gemcutter.org
require 'rack-ssl-enforcer' use Rack::SslEnforcer
This will redirect all plain-text requests to SSL. Rack::SslEnforcer accepts two params, :redirect_to and :message. You might need the :redirect_to option if the requested URL can't be determined (e.g. if using a proxy).
use Rack::SslEnforcer, :redirect_to => 'https://example.org', :message => 'R-R-R-Redirecting...'
You can also define specifics regex pattern or path to redirect.
use Rack::SslEnforcer, :only => /^\/admin\// use Rack::SslEnforcer, :only => "/login" use Rack::SslEnforcer, :only => ["/login", /\.xml$/]
And force http for non-https path
use Rack::SslEnforcer, :only => ["/login", /\.xml$/], :strict => true
Note on Patches/Pull Requests
Fork the project.
Make your feature addition or bug fix.
Add tests for it. This is important so I don't break it in a future version unintentionally.
Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
Send me a pull request. Bonus points for topic branches.
Copyright © 2010 Tobias Matthies. See LICENSE for details.