diff options
Diffstat (limited to 'actionpack/lib/action_dispatch/middleware/ssl.rb')
| -rw-r--r-- | actionpack/lib/action_dispatch/middleware/ssl.rb | 14 | 
1 files changed, 7 insertions, 7 deletions
| diff --git a/actionpack/lib/action_dispatch/middleware/ssl.rb b/actionpack/lib/action_dispatch/middleware/ssl.rb index 190e54223e..00902ede21 100644 --- a/actionpack/lib/action_dispatch/middleware/ssl.rb +++ b/actionpack/lib/action_dispatch/middleware/ssl.rb @@ -83,7 +83,7 @@ module ActionDispatch      private        def set_hsts_header!(headers) -        headers["Strict-Transport-Security".freeze] ||= @hsts_header +        headers["Strict-Transport-Security"] ||= @hsts_header        end        def normalize_hsts_options(options) @@ -102,23 +102,23 @@ module ActionDispatch        # https://tools.ietf.org/html/rfc6797#section-6.1        def build_hsts_header(hsts) -        value = "max-age=#{hsts[:expires].to_i}".dup +        value = +"max-age=#{hsts[:expires].to_i}"          value << "; includeSubDomains" if hsts[:subdomains]          value << "; preload" if hsts[:preload]          value        end        def flag_cookies_as_secure!(headers) -        if cookies = headers["Set-Cookie".freeze] -          cookies = cookies.split("\n".freeze) +        if cookies = headers["Set-Cookie"] +          cookies = cookies.split("\n") -          headers["Set-Cookie".freeze] = cookies.map { |cookie| +          headers["Set-Cookie"] = cookies.map { |cookie|              if !/;\s*secure\s*(;|$)/i.match?(cookie)                "#{cookie}; secure"              else                cookie              end -          }.join("\n".freeze) +          }.join("\n")          end        end @@ -141,7 +141,7 @@ module ActionDispatch          host = @redirect[:host] || request.host          port = @redirect[:port] || request.port -        location = "https://#{host}".dup +        location = +"https://#{host}"          location << ":#{port}" if port != 80 && port != 443          location << request.fullpath          location | 
