1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Rename constrain_to to exclude.

`ActionDispatch::SSL` redirects all HTTP requests to HTTPS, not just some.
The `constrain_to` option inverts this, so it sounds like the middleware
only handles a few requests, rather than the majority with a few routes to
opt out of the redirect.

Renaming to `exclude` matches this intent more closely.
This commit is contained in:
Kasper Timm Hansen 2016-03-03 21:09:58 +01:00
parent 2ef8a0e2b8
commit 493313228a
2 changed files with 8 additions and 7 deletions

View file

@ -37,7 +37,7 @@ module ActionDispatch
# #
# Redirection can be constrained to only whitelisted requests with `constrain_to`: # Redirection can be constrained to only whitelisted requests with `constrain_to`:
# #
# config.ssl_options = { redirect: { constrain_to: -> request { request.path !~ /healthcheck/ } } } # config.ssl_options = { redirect: { exclude: -> request { request.path =~ /healthcheck/ } } }
class SSL class SSL
# Default to 180 days, the low end for https://www.ssllabs.com/ssltest/ # Default to 180 days, the low end for https://www.ssllabs.com/ssltest/
# and greater than the 18-week requirement for browser preload lists. # and greater than the 18-week requirement for browser preload lists.
@ -59,7 +59,8 @@ module ActionDispatch
else else
@redirect = redirect @redirect = redirect
end end
@constrain_to = @redirect && @redirect[:constrain_to] || proc { @redirect }
@exclude = @redirect && @redirect[:exclude] || proc { !@redirect }
@secure_cookies = secure_cookies @secure_cookies = secure_cookies
if hsts != true && hsts != false && hsts[:subdomains].nil? if hsts != true && hsts != false && hsts[:subdomains].nil?
@ -84,7 +85,7 @@ module ActionDispatch
flag_cookies_as_secure! headers if @secure_cookies flag_cookies_as_secure! headers if @secure_cookies
end end
else else
return redirect_to_https request if @constrain_to.call(request) return redirect_to_https request unless @exclude.call(request)
@app.call(env) @app.call(env)
end end
end end

View file

@ -39,11 +39,11 @@ class RedirectSSLTest < SSLTest
assert_equal redirect[:body].join, @response.body assert_equal redirect[:body].join, @response.body
end end
test 'constrain to can avoid redirect' do test 'exclude can avoid redirect' do
constraining = { constrain_to: -> request { request.path !~ /healthcheck/ } } excluding = { exclude: -> request { request.path =~ /healthcheck/ } }
assert_not_redirected 'http://example.org/healthcheck', redirect: constraining assert_not_redirected 'http://example.org/healthcheck', redirect: excluding
assert_redirected from: 'http://example.org/', redirect: constraining assert_redirected from: 'http://example.org/', redirect: excluding
end end
test 'https is not redirected' do test 'https is not redirected' do