Add assume_ssl plugin for making request ssl? method always return true

jeremyevans · Jul 13, 2024 · 0848bca · 0848bca
1 parent 5b5e30b
commit 0848bca
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 0 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,3 +1,7 @@
+= master
+
+* Add assume_ssl plugin for making request ssl? method always return true (jeremyevans)
+
 = 3.82.0 (2024-07-12)
 
 * Add :encodings option to public plugin to support configurable encoding order (jeremyevans)

diff --git a/lib/roda/plugins/assume_ssl.rb b/lib/roda/plugins/assume_ssl.rb
@@ -0,0 +1,28 @@
+# frozen-string-literal: true
+
+#
+class Roda
+  module RodaPlugins
+    # The assume_ssl plugin makes the request ssl? method always return
+    # true. This is useful when using an SSL-terminating reverse proxy
+    # that doesn't set the X-Forwarded-Proto or similar header to notify
+    # Rack that it is forwarding an SSL request.
+    #
+    # The sessions and sinatra_helpers plugins that ship with Roda both
+    # use the ssl? method internally and can be affected by use of the
+    # plugin.  It's recommended that you use this plugin if you are
+    # using either plugin and an SSL-terminating proxy as described above.
+    #
+    #   plugin :assume_ssl
+    module AssumeSSL
+      module RequestMethods
+        # Assume all requests are protected by SSL.
+        def ssl?
+          true
+        end
+      end
+    end
+
+    register_plugin(:assume_ssl, AssumeSSL)
+  end
+end
diff --git a/spec/plugin/assume_ssl_spec.rb b/spec/plugin/assume_ssl_spec.rb
@@ -0,0 +1,11 @@
+require_relative "../spec_helper"
+
+describe "assume_ssl plugin" do 
+  it "makes r.ssl? always return true" do
+    app(:assume_ssl) do |r|
+      r.ssl?.to_s
+    end
+
+    body.must_equal 'true'
+  end
+end
diff --git a/www/pages/documentation.erb b/www/pages/documentation.erb
@@ -96,6 +96,7 @@
       <li><a href="rdoc/classes/Roda/RodaPlugins/ViewOptions.html">view_options</a>: Allows for setting view options on a per-request basis.</li>
     </ul></li>
     <li>Request/Response: <ul>
+      <li><a href="rdoc/classes/Roda/RodaPlugins/AssumeSSL.html">assume_ssl</a>: Makes request ssl? method always return true, for use with SSL-terminating reverse proxies that do not set appropriate headers.</li>
       <li><a href="rdoc/classes/Roda/RodaPlugins/Caching.html">caching</a>: Adds request and response methods related to http caching.</li>
       <li><a href="rdoc/classes/Roda/RodaPlugins/ContentSecurityPolicy.html">content_security_policy</a>: Allows setting an appropriate Content-Security-Policy header for the application/branch/action.</li>
       <li><a href="rdoc/classes/Roda/RodaPlugins/CookieFlags.html">cookie_flags</a>: Adds checks for certain cookie flags, to update, warn, or error if they are not set correctly.</li>