diff options
| author | Kasper Timm Hansen <kaspth@gmail.com> | 2016-08-22 17:43:47 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-08-22 17:43:47 +0200 |
| commit | 46a44243065dd1088458fc843875aa531b802a47 (patch) | |
| tree | 3694d0bc6d33276aa2d3c784142679542224f9f6 /actionpack/lib | |
| parent | eb8a1e2df8abffab82b7d7c3ddd75617c9aea4c8 (diff) | |
| parent | 64f9802e90369bcf8bb906a8c7b01212e02b0e39 (diff) | |
| download | rails-46a44243065dd1088458fc843875aa531b802a47.tar.gz rails-46a44243065dd1088458fc843875aa531b802a47.tar.bz2 rails-46a44243065dd1088458fc843875aa531b802a47.zip | |
Merge pull request #23941 from chiragsinghal/patch-1
Return 307 status instead of 301 when rerouting POST requests to SSL
Diffstat (limited to 'actionpack/lib')
| -rw-r--r-- | actionpack/lib/action_dispatch/middleware/ssl.rb | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/ssl.rb b/actionpack/lib/action_dispatch/middleware/ssl.rb index 0b81d0ad43..992daab3aa 100644 --- a/actionpack/lib/action_dispatch/middleware/ssl.rb +++ b/actionpack/lib/action_dispatch/middleware/ssl.rb @@ -133,12 +133,20 @@ module ActionDispatch end def redirect_to_https(request) - [ @redirect.fetch(:status, 301), + [ @redirect.fetch(:status, redirection_status(request)), { "Content-Type" => "text/html", "Location" => https_location_for(request) }, @redirect.fetch(:body, []) ] end + def redirection_status(request) + if request.get? || request.head? + 301 # Issue a permanent redirect via a GET request. + else + 307 # Issue a fresh request redirect to preserve the HTTP method. + end + end + def https_location_for(request) host = @redirect[:host] || request.host port = @redirect[:port] || request.port |