123456789_123456789_123456789_123456789_123456789_

Class: ActionDispatch::AssumeSSL

Relationships & Source Files
Inherits: Object
Defined in: actionpack/lib/action_dispatch/middleware/assume_ssl.rb

Overview

When proxying through a load balancer that terminates SSL, the forwarded request will appear as though it’s HTTP instead of HTTPS to the application. This makes redirects and cookie security target HTTP instead of HTTPS. This middleware makes the server assume that the proxy already terminated SSL, and that the request really is HTTPS.

Class Method Summary

Instance Method Summary

Constructor Details

.new(app) ⇒ AssumeSSL

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/middleware/assume_ssl.rb', line 14

def initialize(app)
  @app = app
end

Instance Method Details

#call(env)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/middleware/assume_ssl.rb', line 18

def call(env)
  env["HTTPS"] = "on"
  env["HTTP_X_FORWARDED_PORT"] = "443"
  env["HTTP_X_FORWARDED_PROTO"] = "https"
  env["rack.url_scheme"] = "https"

  @app.call(env)
end