ActionDispatch::SSL should keep original header's behavior

`ActionDispatch::SSL` changes headers to `Hash`. So some headers will be broken if there are some middlewares on ActionDispatch::SSL and if it uses `Rack::Utils::HeaderHash`.
author: Fumiaki MATSUSHIMA <mtsmfm@gmail.com> 2015-06-14 23:10:27 +0900
committer: Fumiaki MATSUSHIMA <mtsmfm@gmail.com> 2015-06-14 23:20:04 +0900
commit: bb0186cf5542bca1891e507774447588846f88d1 (patch)
tree: f77e298eec7038864e99bbe04f036dfb5d716bbb /actionpack/lib/action_dispatch/middleware/ssl.rb
parent: 88cd09fa47ddf9ea952b2c4d117d725b0d537bae (diff)
download: rails-bb0186cf5542bca1891e507774447588846f88d1.tar.gz
rails-bb0186cf5542bca1891e507774447588846f88d1.tar.bz2
rails-bb0186cf5542bca1891e507774447588846f88d1.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/ssl.rb b/actionpack/lib/action_dispatch/middleware/ssl.rb
index 0c7caef25d..7b3d8bcc5b 100644
--- a/actionpack/lib/action_dispatch/middleware/ssl.rb
+++ b/actionpack/lib/action_dispatch/middleware/ssl.rb
@@ -22,7 +22,7 @@ module ActionDispatch
 
       if request.ssl?
         status, headers, body = @app.call(env)
-        headers = hsts_headers.merge(headers)
+        headers.reverse_merge!(hsts_headers)
         flag_cookies_as_secure!(headers)
         [status, headers, body]
       else
author	Fumiaki MATSUSHIMA <mtsmfm@gmail.com>	2015-06-14 23:10:27 +0900
committer	Fumiaki MATSUSHIMA <mtsmfm@gmail.com>	2015-06-14 23:20:04 +0900
commit	bb0186cf5542bca1891e507774447588846f88d1 (patch)
tree	f77e298eec7038864e99bbe04f036dfb5d716bbb /actionpack/lib/action_dispatch/middleware/ssl.rb
parent	88cd09fa47ddf9ea952b2c4d117d725b0d537bae (diff)
download	rails-bb0186cf5542bca1891e507774447588846f88d1.tar.gz rails-bb0186cf5542bca1891e507774447588846f88d1.tar.bz2 rails-bb0186cf5542bca1891e507774447588846f88d1.zip