Contents

# frozen_string_literal: true

module ActionDispatch
  # = Action Dispatch \AssumeSSL
  #
  # When proxying through a load balancer that terminates SSL, the forwarded request will appear
  # as though it's HTTP instead of HTTPS to the application. This makes redirects and cookie
  # security target HTTP instead of HTTPS. This middleware makes the server assume that the
  # proxy already terminated SSL, and that the request really is HTTPS.
  class AssumeSSL
    def initialize(app)
      @app = app
    end

    def call(env)
      env["HTTPS"] = "on"
      env["HTTP_X_FORWARDED_PORT"] = "443"
      env["HTTP_X_FORWARDED_PROTO"] = "https"
      env["rack.url_scheme"] = "https"

      @app.call(env)
    end
  end
end

Version data entries

12 entries across 12 versions & 4 rubygems

Version	Path
minato_ruby_api_client-0.2.2	vendor/bundle/ruby/3.2.0/gems/actionpack-7.1.3.4/lib/action_dispatch/middleware/assume_ssl.rb
actionpack-7.1.5.1	lib/action_dispatch/middleware/assume_ssl.rb
actionpack-7.1.5	lib/action_dispatch/middleware/assume_ssl.rb
actionpack-7.1.4.2	lib/action_dispatch/middleware/assume_ssl.rb
actionpack-7.1.4.1	lib/action_dispatch/middleware/assume_ssl.rb
actionpack-7.1.4	lib/action_dispatch/middleware/assume_ssl.rb
blacklight-spotlight-3.6.0.beta8	vendor/bundle/ruby/3.2.0/gems/actionpack-7.1.3.4/lib/action_dispatch/middleware/assume_ssl.rb
tinymce-rails-7.1.2	vendor/bundle/ruby/3.3.0/gems/actionpack-7.1.3.4/lib/action_dispatch/middleware/assume_ssl.rb
actionpack-7.1.3.4	lib/action_dispatch/middleware/assume_ssl.rb
actionpack-7.1.3.2	lib/action_dispatch/middleware/assume_ssl.rb
actionpack-7.1.3.1	lib/action_dispatch/middleware/assume_ssl.rb
actionpack-7.1.3	lib/action_dispatch/middleware/assume_ssl.rb