Class: Rack::SecureOnly

Inherits:
Object
  • Object
show all
Defined in:
lib/rack/secure_only.rb

Overview

SecureOnly will redirect to https if the request is on http.

When passed :secure => false it will do the opposite and redirect https to http

The check if the current request is on https includes checking the HTTP_X_FORWARDED_PROTO header.

This means the redirect will also work on heroku.com

Instance Method Summary collapse

Constructor Details

#initialize(app, opts = {}) ⇒ SecureOnly

Returns a new instance of SecureOnly.



22
23
24
25
26
27
28
29
30
 
# File 'lib/rack/secure_only.rb', line 22

def initialize(app, opts={})
  @app    = app
  @opts    = { 
              :secure => true, 
              :status_code => 301, 
              :redirect_to => nil, 
              :use_http_x_forwarded_proto => true 
              }.merge(opts)      
end

Instance Method Details

#call(env) ⇒ Object 



32
33
34
35
36
37
38
 
# File 'lib/rack/secure_only.rb', line 32

def call(env)
  should_redirect, to_path = redirect?(env)
  if should_redirect
    return [@opts[:status_code], { 'Content-Type'  => 'text/plain', 'Location' => to_path }, ["Redirect"]]
  end
  @app.call(env)
end

#handle?(req) ⇒ Boolean

Returns false if the current request should not be handled by the middleware

Returns:

  • (Boolean) 


55
56
57
58
59
60
61
62
 
# File 'lib/rack/secure_only.rb', line 55

def handle?(req)
  if @opts.key?(:if)
    cond = @opts[:if]
    cond = cond.call(req) if cond.respond_to?(:call)
    return cond
  end
  true
end

#not_secure?Boolean

Inversed boolean accesor for :secure

Returns:

  • (Boolean) 


48
49
50
 
# File 'lib/rack/secure_only.rb', line 48

def not_secure?
  !secure?
end

#secure?Boolean

Boolean accesor for :secure

Returns:

  • (Boolean) 


42
43
44
 
# File 'lib/rack/secure_only.rb', line 42

def secure?
  !!@opts[:secure]
end