diff options
| author | Andrew White <andyw@pixeltrix.co.uk> | 2013-04-25 08:33:21 +0100 |
|---|---|---|
| committer | Andrew White <andyw@pixeltrix.co.uk> | 2013-04-25 08:33:21 +0100 |
| commit | 8227bf7ee9697d71547c6fa3cdc880952c6ba7ec (patch) | |
| tree | 319ec4320ca24e85c290f9376a58d389bbbb1951 /actionpack/lib/action_controller | |
| parent | 8aafb3d33d55130ef40946958f629e269d007bfe (diff) | |
| download | rails-8227bf7ee9697d71547c6fa3cdc880952c6ba7ec.tar.gz rails-8227bf7ee9697d71547c6fa3cdc880952c6ba7ec.tar.bz2 rails-8227bf7ee9697d71547c6fa3cdc880952c6ba7ec.zip | |
Use `request.fullpath` to build redirect url in `force_ssl`
The `force_ssl` command now builds the redirect url from `request.fullpath`.
This ensures that the format is maintained and it doesn't redirect to a route
that has the same parameters but is defined earlier in `routes.rb`. Also any
optional segments are maintained.
Fixes #7528.
Fixes #9061.
Fixes #10305.
Diffstat (limited to 'actionpack/lib/action_controller')
| -rw-r--r-- | actionpack/lib/action_controller/metal/force_ssl.rb | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/actionpack/lib/action_controller/metal/force_ssl.rb b/actionpack/lib/action_controller/metal/force_ssl.rb index f1e8714a86..fe61dd1f86 100644 --- a/actionpack/lib/action_controller/metal/force_ssl.rb +++ b/actionpack/lib/action_controller/metal/force_ssl.rb @@ -51,11 +51,14 @@ module ActionController # * <tt>host</tt> - Redirect to a different host name def force_ssl_redirect(host = nil) unless request.ssl? - redirect_options = {:protocol => 'https://', :status => :moved_permanently} - redirect_options.merge!(:host => host) if host - redirect_options.merge!(:params => request.query_parameters) + secure_url = ActionDispatch::Http::URL.url_for({ + :protocol => 'https://', + :path => request.fullpath, + :host => host || request.host + }) + flash.keep if respond_to?(:flash) - redirect_to redirect_options + redirect_to secure_url, :status => :moved_permanently end end end |