Project

panmind-sslhelper

0.0
No commit activity in last 3 years
No release in over 3 years
panmind-sslhelperpanmind/ssl_helperHomepageDocumentationSource CodeBug TrackerWiki
SSLHelper provides controller helpers to require/refuse SSL onto specific actions, test helpers to verify controller behaviours and named route counterparts (e.g. ssl_login_url) to clean up your view and controller code. HTTP(S) ports are configurable.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
 Popularity
Downloads
14,918
Stars
7
Forks
2
Watchers
6
 Releases
Current version
0.9.2
Total releases
4
First release
2010-07-30
Latest release
2012-02-11
 Issues
Open Issues
1
Closed Issues
2
Total Issues
3
Issue Closure Rate
66%
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
0
Merged Pull Requests
1
Pull Request Acceptance Rate
100%
 Development
Primary Language
Ruby
Average date of last 50 commits
2010-11-03
Reverse Dependencies
0

 Dependencies

Runtime

rails
~> 3.0
 Project Readme

SSLHelper: an SSL plugin for Rails 3

Purpose

This plugin implements the same features as Rails' ssl_requirement plugin, plus builds on existing named route helpers by adding plain_ and ssl_ counterparts.

Installation

Via RubyGems:

gem install panmind-sslhelper

Or via Rails Plugin:

rails plugin install git://github.com/Panmind/ssl_helper.git

Usage

After you get the plugin loaded, you'll have plain_ and ssl_ counterparts to all your named route helpers, e.g.: ssl_root_url or plain_user_url(user)

You can use them in your views, controllers and functional tests, as they were built in into the framework.

Views:

<%= link_to 'login', ssl_login_url %>
<%= link_to 'home', plain_root_url %>

Controllers:

def foo
  redirect_to ssl_foos_url
end

Functionals:

context "an admin" do
  should "access admin area only via SSL" do
    setup { login_as @admin }

    without_ssl do
      get :index
      assert_redirected_to ssl_admin_url
    end

    with_ssl do
      get :index
      assert_response :success
    end
  end
end

The additional with_ssl, without_ssl, use_ssl and forget_ssl are available in your tests. The first two ones accept blocks evaluated with SSL set or unset, the others set/unset SSL for a number of consecutive tests (e.g. use them in your setup method).

Compatibility

Tested with Rails 3.0.3 running under Ruby 1.9.2p0

Server configuration

The plugin relies on the HTTPS server variable, that is set automatically by Rails if the X-Forwarded-Proto header is set to https. To avoid clients setting that header, take care to add the corresponding configuration for your web server.

Nginx

Set proxy_set_header in your nginx config file, such as:

server {
  listen 80;
  #
  # your configuration
  #
  location / {
    proxy_set_header X-Forwarded-Proto http;
  }
}

server {
  listen 443;
  #
  # your configuration
  #
  location / {
    proxy_set_header X-Forwarded-Proto https;
  }
}

Apache

Set RequestHeader in your apache sites, such as:

<VirtualHost *:80>

    ...

    RequestHeader set X_FORWARDED_PROTO 'http'
</VirtualHost>


<IfModule mod_ssl.c>
<VirtualHost *:443>

    ...

	RequestHeader set X_FORWARDED_PROTO 'https'
</VirtualHost>
</IfModule>