Keep conventions in the code

Rakefile

@@ -1,6 +1,6 @@
 require 'rake/testtask'
 
-task :default => :test
+task default: :test
 
 Rake::TestTask.new do |t|
   t.warning = true

lib/rack/ssl.rb

@@ -3,10 +3,10 @@
 
 module Rack
   class SSL
-    YEAR = 31536000
+    YEAR = 31_536_000
 
     def self.default_hsts_options
-      { :expires => YEAR, :subdomains => false }
+      { expires: YEAR, subdomains: false }
     end
 
     def initialize(app, options = {})
@@ -34,56 +34,55 @@ def call(env)
     end
 
     private
-      # Fixed in rack >= 1.3
-      def scheme(env)
-        if env['HTTPS'] == 'on'
-          'https'
-        elsif env['HTTP_X_FORWARDED_PROTO']
-          env['HTTP_X_FORWARDED_PROTO'].split(',')[0]
-        else
-          env['rack.url_scheme']
-        end
+
+    # Fixed in rack >= 1.3
+    def scheme(env)
+      if env['HTTPS'] == 'on'
+        'https'
+      elsif env['HTTP_X_FORWARDED_PROTO']
+        env['HTTP_X_FORWARDED_PROTO'].split(',')[0]
+      else
+        env['rack.url_scheme']
       end
+    end
 
-      def redirect_to_https(env)
-        req = Request.new(env)
+    def redirect_to_https(env)
+      req = Request.new(env)
 
-        host = @host || req.host
-        location = "https://#{host}#{req.fullpath}"
+      host = @host || req.host
+      location = "https://#{host}#{req.fullpath}"
 
-        status  = %w[GET HEAD].include?(req.request_method) ? 301 : 307
-        headers = { 'Content-Type' => 'text/html', 'Location' => location }
+      status  = %w(GET HEAD).include?(req.request_method) ? 301 : 307
+      headers = { 'Content-Type' => 'text/html', 'Location' => location }
 
-        [status, headers, []]
-      end
+      [status, headers, []]
+    end
 
-      # http://tools.ietf.org/html/draft-hodges-strict-transport-sec-02
-      def hsts_headers
-        if @hsts
-          value = "max-age=#{@hsts[:expires]}"
-          value += "; includeSubDomains" if @hsts[:subdomains]
-          { 'Strict-Transport-Security' => value }
-        else
-          {}
-        end
+    # http://tools.ietf.org/html/draft-hodges-strict-transport-sec-02
+    def hsts_headers
+      if @hsts
+        value = "max-age=#{@hsts[:expires]}"
+        value += '; includeSubDomains' if @hsts[:subdomains]
+        { 'Strict-Transport-Security' => value }
+      else
+        {}
       end
+    end
 
-      def flag_cookies_as_secure!(headers)
-        if cookies = headers['Set-Cookie']
-          # Rack 1.1's set_cookie_header! will sometimes wrap
-          # Set-Cookie in an array
-          unless cookies.respond_to?(:to_ary)
-            cookies = cookies.split("\n")
-          end
+    def flag_cookies_as_secure!(headers)
+      if cookies = headers['Set-Cookie']
+        # Rack 1.1's set_cookie_header! will sometimes wrap
+        # Set-Cookie in an array
+        cookies = cookies.split("\n") unless cookies.respond_to?(:to_ary)
 
-          headers['Set-Cookie'] = cookies.map { |cookie|
-            if cookie !~ /; secure(;|$)/
-              "#{cookie}; secure"
-            else
-              cookie
-            end
-          }.join("\n")
-        end
+        headers['Set-Cookie'] = cookies.map do |cookie|
+          if cookie !~ /; secure(;|$)/
+            "#{cookie}; secure"
+          else
+            cookie
+          end
+        end.join("\n")
       end
+    end
   end
 end

rack-ssl.gemspec

@@ -3,9 +3,9 @@ Gem::Specification.new do |s|
   s.version   = '1.4.1'
   s.date      = '2014-03-23'
 
-  s.homepage    = "https://github.com/josh/rack-ssl"
-  s.summary     = "Force SSL/TLS in your app."
-  s.license     = "MIT"
+  s.homepage    = 'https://github.com/josh/rack-ssl'
+  s.summary     = 'Force SSL/TLS in your app.'
+  s.license     = 'MIT'
   s.description = <<-EOS
     Rack middleware to force SSL/TLS.
   EOS
@@ -18,7 +18,7 @@ Gem::Specification.new do |s|
 
   s.add_dependency 'rack'
 
-  s.authors           = ["Joshua Peek"]
-  s.email             = "[email protected]"
+  s.authors           = ['Joshua Peek']
+  s.email             = '[email protected]'
   s.rubyforge_project = 'rack-ssl'
 end

test/test_ssl.rb

@@ -7,11 +7,11 @@ class TestSSL < Test::Unit::TestCase
   include Rack::Test::Methods
 
   def default_app
-    lambda { |env|
-      headers = {'Content-Type' => "text/html"}
+    lambda do |_env|
+      headers = { 'Content-Type' => 'text/html' }
       headers['Set-Cookie'] = "id=1; path=/\ntoken=abc; path=/; secure; HttpOnly"
-      [200, headers, ["OK"]]
-    }
+      [200, headers, ['OK']]
+    end
   end
 
   def app
@@ -20,168 +20,168 @@ def app
   attr_writer :app
 
   def test_allows_https_url
-    get "https://example.org/path?key=value"
+    get 'https://example.org/path?key=value'
     assert last_response.ok?
   end
 
   def test_allows_https_proxy_header_url
-    get "http://example.org/", {}, 'HTTP_X_FORWARDED_PROTO' => "https"
+    get 'http://example.org/', {}, 'HTTP_X_FORWARDED_PROTO' => 'https'
     assert last_response.ok?
   end
 
   def test_redirects_http_to_https
-    get "http://example.org/path?key=value"
+    get 'http://example.org/path?key=value'
     assert last_response.redirect?
-    assert_equal "https://example.org/path?key=value",
-      last_response.headers['Location']
+    assert_equal 'https://example.org/path?key=value',
+                 last_response.headers['Location']
   end
 
   def test_exclude_from_redirect
-    self.app = Rack::SSL.new(default_app, :exclude => lambda { |env| true })
-    get "http://example.org/"
+    self.app = Rack::SSL.new(default_app, exclude: ->(_env) { true })
+    get 'http://example.org/'
     assert last_response.ok?
   end
 
   def test_hsts_header_by_default
-    get "https://example.org/"
-    assert_equal "max-age=31536000",
-      last_response.headers['Strict-Transport-Security']
+    get 'https://example.org/'
+    assert_equal 'max-age=31536000',
+                 last_response.headers['Strict-Transport-Security']
   end
 
   def test_no_hsts_with_insecure_connection
-    get "http://example.org/"
+    get 'http://example.org/'
     assert !last_response.headers['Strict-Transport-Security']
   end
 
   def test_hsts_header
-    self.app = Rack::SSL.new(default_app, :hsts => true)
-    get "https://example.org/"
-    assert_equal "max-age=31536000",
-      last_response.headers['Strict-Transport-Security']
+    self.app = Rack::SSL.new(default_app, hsts: true)
+    get 'https://example.org/'
+    assert_equal 'max-age=31536000',
+                 last_response.headers['Strict-Transport-Security']
   end
 
   def test_disable_hsts_header
-    self.app = Rack::SSL.new(default_app, :hsts => false)
-    get "https://example.org/"
+    self.app = Rack::SSL.new(default_app, hsts: false)
+    get 'https://example.org/'
     assert !last_response.headers['Strict-Transport-Security']
   end
 
   def test_hsts_expires
-    self.app = Rack::SSL.new(default_app, :hsts => { :expires => 500 })
-    get "https://example.org/"
-    assert_equal "max-age=500",
-      last_response.headers['Strict-Transport-Security']
+    self.app = Rack::SSL.new(default_app, hsts: { expires: 500 })
+    get 'https://example.org/'
+    assert_equal 'max-age=500',
+                 last_response.headers['Strict-Transport-Security']
   end
 
   def test_hsts_include_subdomains
-    self.app = Rack::SSL.new(default_app, :hsts => { :subdomains => true })
-    get "https://example.org/"
-    assert_equal "max-age=31536000; includeSubDomains",
-      last_response.headers['Strict-Transport-Security']
+    self.app = Rack::SSL.new(default_app, hsts: { subdomains: true })
+    get 'https://example.org/'
+    assert_equal 'max-age=31536000; includeSubDomains',
+                 last_response.headers['Strict-Transport-Security']
   end
 
   def test_flag_cookies_as_secure
-    get "https://example.org/"
-    assert_equal ["id=1; path=/; secure", "token=abc; path=/; secure; HttpOnly" ],
-      last_response.headers['Set-Cookie'].split("\n")
+    get 'https://example.org/'
+    assert_equal ['id=1; path=/; secure', 'token=abc; path=/; secure; HttpOnly'],
+                 last_response.headers['Set-Cookie'].split("\n")
   end
 
   def test_flag_cookies_as_secure_at_end_of_line
-    self.app = Rack::SSL.new(lambda { |env|
+    self.app = Rack::SSL.new(lambda do |_env|
       headers = {
-        'Content-Type' => "text/html",
-        'Set-Cookie' => "problem=def; path=/; HttpOnly; secure"
+        'Content-Type' => 'text/html',
+        'Set-Cookie' => 'problem=def; path=/; HttpOnly; secure'
       }
-      [200, headers, ["OK"]]
-    })
+      [200, headers, ['OK']]
+    end)
 
-    get "https://example.org/"
-    assert_equal ["problem=def; path=/; HttpOnly; secure"],
-      last_response.headers['Set-Cookie'].split("\n")
+    get 'https://example.org/'
+    assert_equal ['problem=def; path=/; HttpOnly; secure'],
+                 last_response.headers['Set-Cookie'].split("\n")
   end
 
   def test_legacy_array_headers
-    self.app = Rack::SSL.new(lambda { |env|
+    self.app = Rack::SSL.new(lambda do |_env|
       headers = {
-        'Content-Type' => "text/html",
-        'Set-Cookie' => ["id=1; path=/", "token=abc; path=/; HttpOnly"]
+        'Content-Type' => 'text/html',
+        'Set-Cookie' => ['id=1; path=/', 'token=abc; path=/; HttpOnly']
       }
-      [200, headers, ["OK"]]
-    })
+      [200, headers, ['OK']]
+    end)
 
-    get "https://example.org/"
-    assert_equal ["id=1; path=/; secure", "token=abc; path=/; HttpOnly; secure"],
-      last_response.headers['Set-Cookie'].split("\n")
+    get 'https://example.org/'
+    assert_equal ['id=1; path=/; secure', 'token=abc; path=/; HttpOnly; secure'],
+                 last_response.headers['Set-Cookie'].split("\n")
   end
 
   def test_no_cookies
-    self.app = Rack::SSL.new(lambda { |env|
-      [200, {'Content-Type' => "text/html"}, ["OK"]]
-    })
-    get "https://example.org/"
+    self.app = Rack::SSL.new(lambda do |_env|
+      [200, { 'Content-Type' => 'text/html' }, ['OK']]
+    end)
+    get 'https://example.org/'
     assert !last_response.headers['Set-Cookie']
   end
 
   def test_redirect_to_host
-    self.app = Rack::SSL.new(default_app, :host => "ssl.example.org")
-    get "http://example.org/path?key=value"
-    assert_equal "https://ssl.example.org/path?key=value",
-      last_response.headers['Location']
+    self.app = Rack::SSL.new(default_app, host: 'ssl.example.org')
+    get 'http://example.org/path?key=value'
+    assert_equal 'https://ssl.example.org/path?key=value',
+                 last_response.headers['Location']
   end
 
   def test_redirect_to_host_port
-    self.app = Rack::SSL.new(default_app, :host => "ssl.example.org:443")
-    get "http://example.org/path?key=value"
-    assert_equal "https://ssl.example.org:443/path?key=value",
-      last_response.headers['Location']
+    self.app = Rack::SSL.new(default_app, host: 'ssl.example.org:443')
+    get 'http://example.org/path?key=value'
+    assert_equal 'https://ssl.example.org:443/path?key=value',
+                 last_response.headers['Location']
   end
 
   def test_redirect_to_secure_host_when_on_subdomain
-    self.app = Rack::SSL.new(default_app, :host => "ssl.example.org")
-    get "http://ssl.example.org/path?key=value"
-    assert_equal "https://ssl.example.org/path?key=value",
-      last_response.headers['Location']
+    self.app = Rack::SSL.new(default_app, host: 'ssl.example.org')
+    get 'http://ssl.example.org/path?key=value'
+    assert_equal 'https://ssl.example.org/path?key=value',
+                 last_response.headers['Location']
   end
 
   def test_redirect_to_secure_subdomain_when_on_deep_subdomain
-    self.app = Rack::SSL.new(default_app, :host => "example.co.uk")
-    get "http://double.rainbow.what.does.it.mean.example.co.uk/path?key=value"
-    assert_equal "https://example.co.uk/path?key=value",
-      last_response.headers['Location']
+    self.app = Rack::SSL.new(default_app, host: 'example.co.uk')
+    get 'http://double.rainbow.what.does.it.mean.example.co.uk/path?key=value'
+    assert_equal 'https://example.co.uk/path?key=value',
+                 last_response.headers['Location']
   end
 
   def test_status_get
-    get "http://example.org/"
+    get 'http://example.org/'
     assert_equal 301, last_response.status
   end
 
   def test_status_head
-    head "http://example.org/"
+    head 'http://example.org/'
     assert_equal 301, last_response.status
   end
 
   def test_status_options
-    options "http://example.org/"
+    options 'http://example.org/'
     assert_equal 307, last_response.status
   end
 
   def test_status_post
-    post "http://example.org/"
+    post 'http://example.org/'
     assert_equal 307, last_response.status
   end
 
   def test_status_put
-    put "http://example.org/"
+    put 'http://example.org/'
     assert_equal 307, last_response.status
   end
 
   def test_status_delete
-    delete "http://example.org/"
+    delete 'http://example.org/'
     assert_equal 307, last_response.status
   end
 
   def test_status_patch
-    patch "http://example.org/"
+    patch 'http://example.org/'
     assert_equal 307, last_response.status
   end
 end