kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

Merge pull request #11069 from ykzts/actiondispatch-ssl-secure-flag-igonore-case

Browse source 
Flag cookies as secure with ignore case in ActionDispatch::SSL
This commit is contained in:
Guillermo Iguaran 2013-06-24 14:24:03 -07:00
commit d6bc2fa5a9
2 changed files with 15 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
actionpack/lib/action_dispatch/middleware/ssl.rb
View file

@ -57,7 +57,7 @@ module ActionDispatch
cookies = cookies.split("\n") cookies = cookies.split("\n")
headers['Set-Cookie'] = cookies.map { |cookie| headers['Set-Cookie'] = cookies.map { |cookie|
if cookie !~ /;\s+secure(;|$)/ if cookie !~ /;\s+secure(;|$)/i
"#{cookie}; secure" "#{cookie}; secure"
else else
cookie cookie

14
actionpack/test/dispatch/ssl_test.rb
View file

@ -124,6 +124,20 @@ class SSLTest < ActionDispatch::IntegrationTest
response.headers['Set-Cookie'].split("\n") response.headers['Set-Cookie'].split("\n")
end end
def test_flag_cookies_as_secure_with_ignore_case
self.app = ActionDispatch::SSL.new(lambda { |env|
headers = {
'Content-Type' => "text/html",
'Set-Cookie' => "problem=def; path=/; Secure; HttpOnly"
}
[200, headers, ["OK"]]
})
get "https://example.org/"
assert_equal ["problem=def; path=/; Secure; HttpOnly"],
response.headers['Set-Cookie'].split("\n")
end
def test_no_cookies def test_no_cookies
self.app = ActionDispatch::SSL.new(lambda { |env| self.app = ActionDispatch::SSL.new(lambda { |env|
[200, {'Content-Type' => "text/html"}, ["OK"]] [200, {'Content-Type' => "text/html"}, ["OK"]]