aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/lib/action_controller/metal/force_ssl.rb
Commit message (Collapse)AuthorAgeFilesLines
* Fix HTTPS grammarJon Moss2017-03-131-4/+4
| | | | [ci skip]
* [docs] fix ActionController documentationHrvoje Šimić2017-03-121-4/+4
| | | | [ci skip]
* Fix a force ssl redirection bug that occur when session store disabled.Taishi Kasuga2016-11-221-1/+1
|
* modernizes hash syntax in actionpackXavier Noria2016-08-061-4/+4
|
* applies new string literal convention in actionpack/libXavier Noria2016-08-061-3/+3
| | | | | The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default.
* Actionpack documentation typos [ci skip]Tom Kadwill2016-04-231-4/+4
|
* Fix formatting of force_ssl options documentation [ci skip]Eliot Sykes2015-07-191-6/+6
|
* Revert "Merge pull request #19682 from ↵Santiago Pastorino2015-04-121-1/+1
| | | | | | | supercaracal/fix_force_ssl_redirection_flash_error" This reverts commit d215620340be7cb29e2aa87aab22da5ec9e6e6a7, reversing changes made to bbbbfe1ac02162ecb5e9a7b560134a3221f129f3.
* fix fails to force_ssl_redirection if session_store is disabledTaishi Kasuga2015-04-091-1/+1
|
* just set the host, no need for another hash allocation / merge!Aaron Patterson2014-08-011-1/+1
|
* Fix a few typos. [ci skip]namusyaka2013-09-041-1/+1
|
* Don't reprocess the options hash on every requestAndrew White2013-04-271-1/+2
|
* Add support for extra options to `force_ssl`Andrew White2013-04-251-17/+48
| | | | | | | | This commit adds support for passing additional url options along with a :status option and any of the flash-related options to `redirect_to` (i.e. :flash, :alert & :notice). Closes #7570.
* Use `request.fullpath` to build redirect url in `force_ssl`Andrew White2013-04-251-4/+7
| | | | | | | | | | | The `force_ssl` command now builds the redirect url from `request.fullpath`. This ensures that the format is maintained and it doesn't redirect to a route that has the same parameters but is defined earlier in `routes.rb`. Also any optional segments are maintained. Fixes #7528. Fixes #9061. Fixes #10305.
* update documentation and code to use _action callbacksFrancesco Rodriguez2012-12-071-2/+2
|
* Multiple changes to 1,9 hash syntaxAvnerCohen2012-10-271-1/+1
|
* Missing closing tagEllis Berner2012-08-121-1/+1
|
* Extracted redirect logic from ActionController::Force::ClassMethods.force_sslJeremy Friesen2012-05-311-7/+15
| | | | | | | | | | | | | Prior to this patch the existing .force_ssl method handles both defining the filter and handling the logic for performing the redirect. With this patch the logic for redirecting to the HTTPS protocol is separated from the filter logic that determines if a redirect should occur. By separating the two levels of behavior, an instance method for ActionController (i.e. #force_ssl_redirect) is exposed and available for more granular SSL enforcement. Cleaned up indentation.
* Add ActionController::HTTPSantiago Pastorino2012-03-141-1/+1
| | | | | | More info http://edgeguides.rubyonrails.org/api_app.html [Carlos Antonio da Silva & Santiago Pastorino]
* Document the :host option for force_sslAndrew White2012-02-231-0/+1
|
* Update documentation for force_ssl - closes #5023.Andrew White2012-02-231-1/+14
|
* SSL should not be disabled by default in any environment.Pat Allan2012-02-231-1/+1
|
* Fixed force_ssl redirects to include original query paramsRyan McGeary2012-02-071-0/+1
| | | | | | | | | | `ActionController.force_ssl` redirects http URLs to their https equivalent; however, when a URL contains a query string, the resulting redirect lacked the original query string. Conflicts: actionpack/lib/action_controller/metal/force_ssl.rb
* When force redirecting to SSL, make sure that the session is kept. As we're ↵Marcin Bunsch and Przemek Dąbek2012-01-121-0/+1
| | | | moving from a non-secure to secure environment, it's safe
* accept optional :host parameter to force_sslBen Scheirman2011-10-081-2/+5
|
* fix minor spelling mistakes in commentsDmytrii Nagirniak2011-05-231-3/+3
|
* Add controller-specific `force_ssl` method to force web browser to use HTTPS ↵Prem Sichanugrist2011-03-281-0/+35
protocol This would become useful for site which sometime transferring sensitive information such as account information on particular controller or action. This featured was requested by DHH.