Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove deprecated force_ssl #11769

Closed
wants to merge 1 commit into from
Closed

Remove deprecated force_ssl #11769

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 0 additions & 6 deletions app/controllers/application_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,6 @@ class ApplicationController < ActionController::Base
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception

force_ssl if: :https_enabled?

include Localized
include UserTrackingConcern
include SessionTrackingConcern
Expand Down Expand Up @@ -40,10 +38,6 @@ def raise_not_found

private

def https_enabled?
Rails.env.production? && !request.path.start_with?('/health')
end

def authorized_fetch_mode?
ENV['AUTHORIZED_FETCH'] == 'true' || Rails.configuration.x.whitelist_mode
end
Expand Down
8 changes: 8 additions & 0 deletions config/environments/production.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,14 @@
# Allow to specify public IP of reverse proxy if it's needed
config.action_dispatch.trusted_proxies = ENV['TRUSTED_PROXY_IP'].split.map { |item| IPAddr.new(item) } if ENV['TRUSTED_PROXY_IP'].present?

# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true
config.ssl_options = {
redirect: {
exclude: -> request { request.path.start_with?('/health') }
}
}

# Use the lowest log level to ensure availability of diagnostic information
# when problems arise.
config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info').to_sym
Expand Down
14 changes: 0 additions & 14 deletions spec/controllers/application_controller_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,20 +47,6 @@ def invalid_authenticity_token
include_examples 'respond_with_error', 422
end

it "does not force ssl if Rails.env.production? is not 'true'" do
routes.draw { get 'success' => 'anonymous#success' }
allow(Rails.env).to receive(:production?).and_return(false)
get 'success'
expect(response).to have_http_status(200)
end

it "forces ssl if Rails.env.production? is 'true'" do
routes.draw { get 'success' => 'anonymous#success' }
allow(Rails.env).to receive(:production?).and_return(true)
get 'success'
expect(response).to redirect_to('https://test.host/success')
end

describe 'helper_method :current_account' do
it 'returns nil if not signed in' do
expect(controller.view_context.current_account).to be_nil
Expand Down