diff options
author | Guillermo Iguaran <guilleiguaran@gmail.com> | 2013-06-24 14:24:03 -0700 |
---|---|---|
committer | Guillermo Iguaran <guilleiguaran@gmail.com> | 2013-06-24 14:24:03 -0700 |
commit | d6bc2fa5a9186874f620df02b630d0e1b1f5f900 (patch) | |
tree | 0d83085ec112ca7516f7aeb525663202e0115e5f | |
parent | a6dd2ed4af09b7969612c0aac2218795cd5d8370 (diff) | |
parent | 891fd78cd7664cefd68fa099796614668d52cafe (diff) | |
download | rails-d6bc2fa5a9186874f620df02b630d0e1b1f5f900.tar.gz rails-d6bc2fa5a9186874f620df02b630d0e1b1f5f900.tar.bz2 rails-d6bc2fa5a9186874f620df02b630d0e1b1f5f900.zip |
Merge pull request #11069 from ykzts/actiondispatch-ssl-secure-flag-igonore-case
Flag cookies as secure with ignore case in ActionDispatch::SSL
-rw-r--r-- | actionpack/lib/action_dispatch/middleware/ssl.rb | 2 | ||||
-rw-r--r-- | actionpack/test/dispatch/ssl_test.rb | 14 |
2 files changed, 15 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/ssl.rb b/actionpack/lib/action_dispatch/middleware/ssl.rb index 68ced4e40c..8d5ab19f60 100644 --- a/actionpack/lib/action_dispatch/middleware/ssl.rb +++ b/actionpack/lib/action_dispatch/middleware/ssl.rb @@ -57,7 +57,7 @@ module ActionDispatch cookies = cookies.split("\n") headers['Set-Cookie'] = cookies.map { |cookie| - if cookie !~ /;\s+secure(;|$)/ + if cookie !~ /;\s+secure(;|$)/i "#{cookie}; secure" else cookie diff --git a/actionpack/test/dispatch/ssl_test.rb b/actionpack/test/dispatch/ssl_test.rb index 881a8474e1..61b55f3d82 100644 --- a/actionpack/test/dispatch/ssl_test.rb +++ b/actionpack/test/dispatch/ssl_test.rb @@ -124,6 +124,20 @@ class SSLTest < ActionDispatch::IntegrationTest response.headers['Set-Cookie'].split("\n") end + def test_flag_cookies_as_secure_with_ignore_case + self.app = ActionDispatch::SSL.new(lambda { |env| + headers = { + 'Content-Type' => "text/html", + 'Set-Cookie' => "problem=def; path=/; Secure; HttpOnly" + } + [200, headers, ["OK"]] + }) + + get "https://example.org/" + assert_equal ["problem=def; path=/; Secure; HttpOnly"], + response.headers['Set-Cookie'].split("\n") + end + def test_no_cookies self.app = ActionDispatch::SSL.new(lambda { |env| [200, {'Content-Type' => "text/html"}, ["OK"]] |