1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Commit graph

11 commits

Author SHA1 Message Date
Guo Xiang
1f8933077d Remove tests method for test cases when controller can be inferred. 2014-05-03 23:55:23 -07:00
Andrew White
f99ce3c188 Add support for extra options to force_ssl
This commit adds support for passing additional url options along
with a :status option and any of the flash-related options to
`redirect_to` (i.e. :flash, :alert & :notice).

Closes #7570.
2013-04-25 13:45:52 +01:00
Andrew White
8227bf7ee9 Use request.fullpath to build redirect url in force_ssl
The `force_ssl` command now builds the redirect url from `request.fullpath`.
This ensures that the format is maintained and it doesn't redirect to a route
that has the same parameters but is defined earlier in `routes.rb`. Also any
optional segments are maintained.

Fixes #7528.
Fixes #9061.
Fixes #10305.
2013-04-25 08:33:21 +01:00
Jeremy Friesen
4791822368 Extracted redirect logic from ActionController::Force::ClassMethods.force_ssl
Prior to this patch the existing .force_ssl method handles both defining
the filter and handling the logic for performing the redirect.

With this patch the logic for redirecting to the HTTPS protocol is
separated from the filter logic that determines if a redirect should
occur.  By separating the two levels of behavior, an instance method
for ActionController (i.e. #force_ssl_redirect) is exposed and available
for more granular SSL enforcement.

Cleaned up indentation.
2012-05-31 12:39:28 -04:00
Alexey Vakhov
7f6bb2d86d Tests :if option of force_ssl method 2012-04-01 09:44:49 +04:00
Pat Allan
ab838900f8 SSL should not be disabled by default in any environment. 2012-02-23 13:25:13 +00:00
Ryan McGeary
6efb849b32 Fixed force_ssl redirects to include original query params
`ActionController.force_ssl` redirects http URLs to their https equivalent;
however, when a URL contains a query string, the resulting redirect lacked the
original query string.

Conflicts:

	actionpack/lib/action_controller/metal/force_ssl.rb
2012-02-07 13:28:29 -05:00
Carlos Antonio da Silva
1b4edd173d Use performed? instead of checking for response_body
* Check for performed? instead of response_body
* Change performed? to return a boolean
* Refactor AC::Metal#response_body= to reuse variable
2012-01-19 18:25:52 -02:00
Marcin Bunsch and Przemek Dąbek
321dae5dcc When force redirecting to SSL, make sure that the session is kept. As we're moving from a non-secure to secure environment, it's safe 2012-01-12 20:31:23 +01:00
Ben Scheirman
d68f27e9b1 accept optional :host parameter to force_ssl 2011-10-08 18:38:02 -05:00
Prem Sichanugrist
7cbdfa8303 Add controller-specific force_ssl method to force web browser to use HTTPS protocol
This would become useful for site which sometime transferring sensitive information such as account information on particular controller or action.

This featured was requested by DHH.
2011-03-28 04:58:47 +08:00