Working with Rails force_ssl #1121

Closed
brycesenz opened this Issue Jul 18, 2013 · 10 comments

Projects

None yet

5 participants

@brycesenz

In my Rails app, I use the force_ssl configuration in my environment files, and force_ssl in most of my controllers (in my test environment as well). Getting this to work with Capybara has been a pain - the server would just time out.

I finally got things working, but it required two things: (1) configuring the Capybara server to use a local SSL certificate that I'd made, and (2) overriding the responsive? method for the server to send HTTPS requests.

Here's the code I ended up using. I put all of it into my spec_helper.rb file just for simplicity.

module Capybara
  class Server
    def responsive?
      return false if @server_thread && @server_thread.join(0)

      http = Net::HTTP.new(host, @port)
      http.use_ssl = true
      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
      res = http.get('/__identify__')

      if res.is_a?(Net::HTTPSuccess) or res.is_a?(Net::HTTPRedirection)
        return res.body == @app.object_id.to_s
      end
    rescue SystemCallError
      return false
    end
  end
end

def run_ssl_server(app, port)
  require 'webrick/https'
  require 'rack/handler/webrick'

  new_opts = {
    :Port => port,
    :environment => (ENV['RAILS_ENV'] || "test").dup,
    :daemonize => false,
    :debugger => false,
    :config => File.expand_path("config.ru"),
    :AccessLog => [],
    :Logger => WEBrick::Log::new(nil, 0),
    :SSLEnable => true,
    :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
    :SSLPrivateKey => OpenSSL::PKey::RSA.new(File.open("myserver.key").read),
    :SSLCertificate => OpenSSL::X509::Certificate.new(File.open("myserver.crt").read),
    :SSLCertName => [["US", WEBrick::Utils::getservername]],
  }

  Rack::Handler::WEBrick.run(app, new_opts)
end

Capybara.server_port = 3001
Capybara.app_host = "https://localhost:%d" % Capybara.server_port
Capybara.server do |app, port|
  run_ssl_server(app, port)
end

Does this configuration make sense, or did I overlook some better way of achieving the same thing? And if it makes sense, is there any interest in merging in the ability to specify the responsive? function to respond to SSL?

@jnicklas
Collaborator

This isn't really an issue, please post to the mailing list.

@jnicklas jnicklas closed this Jul 18, 2013
@brycesenz

Sorry for being a bit unsure of best practices with this. What do you mean "post to the mailing list" though? Is there a mailing list for like, feature requests, and if so, what is it?

@jnicklas
Collaborator

There is a mailing list for Capybara, if you look at the second sentence of the README, it says this:

Need help? Ask on the mailing list (please do not open an issue on GitHub): http://groups.google.com/group/ruby-capybara

If you look at the contribution guide (which is linked from the "new issue" page, and from the README) you will find a thorough explanation.

@jnicklas
Collaborator

I'm not sure why you had to jump through so many hoops, but if you post to the mailing list, others might have simpler solutions, so we might find a better way rather than leaving a dead issue lying here which probably won't ever find a satisfying resolution because we don't really know what's even wrong.

@kbaum
kbaum commented Sep 12, 2013

@brycesenz - i'm struggling to get my tests working with ssl as well. Was able to use your monkey patch but then i still struggled to get selenium (firefox) to automatically accept the self-signed certificate. Didn't see this conversation continued on the mailing list. Where did you end up with things?

thx

@brycesenz

@kbaum - I looked through the mailing list, but honestly, it looked like I was the only one having SSL problems so I didn't post anything. If you create a new issue and link it back here though (or some easier alternative), we can try to figure out what's going wrong.

@kbaum
kbaum commented Sep 12, 2013

@brycesenz - I would but it seems that @jnicklas didn't think it was pull request worthy. I responded to a thread on the mailing list, but so far nobody else has spoken up. I was able to get things working by following your example and monkey patching the responsive? method. I also had to ensure that i was using the latest firefox as firefox 17 did not seem to honor the ignore ssl check option. Overall, i think some more light needs to be shed in this area.

@volkanunsal

👍 This is a huge issue for me. Thanks @kbaum and @brycesenz for the patch.

@bbuchalter

@brycesenz was there ever a less hackful way found to get Capybara to work with SSL? I found your post saying there was going to be an update, but couldn't find one.

@brycesenz

@bbuchalter - I don't know whose blog that is, but it isn't mine. I'm glad they liked my code though! I still use the same code as I have on this post; I kind of want to dig back into what exactly is going wrong, but I've been swamped with other projects and standing up a few gems of my own.

Sorry I can't be of more help right now, but for the sake of all of us on this thread, post back if you find a better way!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment