Sha256: c5f9c51d4b880d74353d89bfb3bd683ff8c37030b4b8eac7dfcdc170710ab84f

Contents?: true

Size: 1.13 KB

Versions: 1

Compression:

Stored size: 1.13 KB

Contents

module EnforceSsl
  class EnforceSslRack

    def initialize(app)
      @app = app
    end
    
    def call(env)
      scheme = env["rack.url_scheme"]
      port = env["SERVER_PORT"]
      is_ssl = port.to_i == Rails.configuration.ssl_port.to_i
      is_not_ssl = port.to_i == Rails.configuration.no_ssl_port.to_i

      if is_ssl
        @status, @headers, @body = @app.call(env)
        
        # use only if max_age is set and only in production mode since it
        # needs a proper (not self-signed) certificate
        if Rails.configuration.hsts_max_age && Rails.env == "production"
          subdomain = Rails.configuration.hsts_include_sub_domains? ? " ; includeSubDomains" : ""
          @headers['Strict-Transport-Security'] = "max-age=#{Rails.configuration.hsts_max_age.to_i}" + subdomain
          
        end
      elsif is_not_ssl
        @headers = { "location" => "https://" + env["HTTP_HOST"].sub(/\:.*/, '') + ":#{Rails.configuration.ssl_port}" + env["PATH_INFO"] }
        @status = 302
        @body = ''
      else
        @status, @headers, @body = @app.call(env)
      end
      [@status, @headers, @body]
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
enforce-ssl-0.2.0 lib/enforce_ssl/enforce_ssl_rack.rb