mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Rename constrain_to to exclude.
`ActionDispatch::SSL` redirects all HTTP requests to HTTPS, not just some. The `constrain_to` option inverts this, so it sounds like the middleware only handles a few requests, rather than the majority with a few routes to opt out of the redirect. Renaming to `exclude` matches this intent more closely.
This commit is contained in:
parent
2ef8a0e2b8
commit
493313228a
2 changed files with 8 additions and 7 deletions
|
@ -37,7 +37,7 @@ module ActionDispatch
|
||||||
#
|
#
|
||||||
# Redirection can be constrained to only whitelisted requests with `constrain_to`:
|
# Redirection can be constrained to only whitelisted requests with `constrain_to`:
|
||||||
#
|
#
|
||||||
# config.ssl_options = { redirect: { constrain_to: -> request { request.path !~ /healthcheck/ } } }
|
# config.ssl_options = { redirect: { exclude: -> request { request.path =~ /healthcheck/ } } }
|
||||||
class SSL
|
class SSL
|
||||||
# Default to 180 days, the low end for https://www.ssllabs.com/ssltest/
|
# Default to 180 days, the low end for https://www.ssllabs.com/ssltest/
|
||||||
# and greater than the 18-week requirement for browser preload lists.
|
# and greater than the 18-week requirement for browser preload lists.
|
||||||
|
@ -59,7 +59,8 @@ module ActionDispatch
|
||||||
else
|
else
|
||||||
@redirect = redirect
|
@redirect = redirect
|
||||||
end
|
end
|
||||||
@constrain_to = @redirect && @redirect[:constrain_to] || proc { @redirect }
|
|
||||||
|
@exclude = @redirect && @redirect[:exclude] || proc { !@redirect }
|
||||||
@secure_cookies = secure_cookies
|
@secure_cookies = secure_cookies
|
||||||
|
|
||||||
if hsts != true && hsts != false && hsts[:subdomains].nil?
|
if hsts != true && hsts != false && hsts[:subdomains].nil?
|
||||||
|
@ -84,7 +85,7 @@ module ActionDispatch
|
||||||
flag_cookies_as_secure! headers if @secure_cookies
|
flag_cookies_as_secure! headers if @secure_cookies
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
return redirect_to_https request if @constrain_to.call(request)
|
return redirect_to_https request unless @exclude.call(request)
|
||||||
@app.call(env)
|
@app.call(env)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -39,11 +39,11 @@ class RedirectSSLTest < SSLTest
|
||||||
assert_equal redirect[:body].join, @response.body
|
assert_equal redirect[:body].join, @response.body
|
||||||
end
|
end
|
||||||
|
|
||||||
test 'constrain to can avoid redirect' do
|
test 'exclude can avoid redirect' do
|
||||||
constraining = { constrain_to: -> request { request.path !~ /healthcheck/ } }
|
excluding = { exclude: -> request { request.path =~ /healthcheck/ } }
|
||||||
|
|
||||||
assert_not_redirected 'http://example.org/healthcheck', redirect: constraining
|
assert_not_redirected 'http://example.org/healthcheck', redirect: excluding
|
||||||
assert_redirected from: 'http://example.org/', redirect: constraining
|
assert_redirected from: 'http://example.org/', redirect: excluding
|
||||||
end
|
end
|
||||||
|
|
||||||
test 'https is not redirected' do
|
test 'https is not redirected' do
|
||||||
|
|
Loading…
Reference in a new issue