tobmatth / rack-ssl-enforcer

A simple Rack middleware to enforce ssl connections

tobmatth/rack-ssl-enforcer Issues

Increase the default HSTS max-age to 2 years
Updated 4 years ago
Does rack-ssl-enforcer have support for ssl client verification?
Closed 5 years ago1
Middleware use vs. insert_before
Updated 6 years ago1
Load balancer health check redirected; not making it to the app
Closed 6 years ago5
Forcing HTTPS only on certain paths or methods might be a security problem
Updated 7 years ago
Is there a changelog?
Closed 7 years ago2
HSTS Implementation
Closed 8 years ago1
Does not set session cookie as secure
Closed 8 years ago6
HSTS and secure cookies w/o redirect?
Closed 8 years ago2
use_redirect always forcing redirect, even for HTTPS
Updated 8 years ago2
ERR_CONNECTION_REFUSED
Closed 9 years ago2
How to handle URI::InvalidURIError?
Closed 9 years ago7
Issue with IE only... strict true not working
Closed 9 years ago3
Infinite redirects behind AWS ELB
Closed 9 years ago5
Issue with Redirects
Closed 9 years ago3
POST requests
Closed 9 years ago5
Cookie session state shared across http and https without disabling force_secure_cookies
Closed 10 years ago5
:strict option + AJAX requests
Closed 10 years ago7
Is there a way to combine only_hosts & only?
Updated 10 years ago18
Already encoded url parameters get encoded again when redirecting
Closed 10 years ago
Release new version! <3
Closed 10 years ago2
Support for ruby 2.0 and Rails 4
Closed 10 years ago2
Running code before redirect not working
Closed 10 years ago3
combine strict and non strict behaviour
Closed 10 years ago3
Vertical pipe characters in the URL cause an URI::InvalidURIError
Closed 10 years ago6
Is there a way to combine mutiple only, multiple ignore with strict
Closed 10 years ago6
Rack::SslEnforcer options mess up with 'localhost'
Closed 11 years ago11
Enforcing won't preserve HTTP methods
Closed 11 years ago1
Proper Nginx Config
Closed 12 years ago6
SSL-only, HTTP-only, and mixed
Closed 12 years ago9
New rubygems release?
Closed 11 years ago2
force internationalization
Closed 11 years ago6
Allow proc to be called before forcing a redirect
Closed 11 years ago
:mixed doesn't allow insecure GET
Closed 11 years ago11
Add environment constraints
Closed 11 years ago
Secure cookie flag forced
Closed 11 years ago2
Regex
Closed 11 years ago6
@scheme leak across requests
Closed 11 years ago1
SSL :ignore ignored for routable addresses, but works for static addresses
Closed 12 years ago5
SSL-only, HTTP-only, and mixed
Closed 12 years ago
Working on Heroku?
Closed 12 years ago3
Redirect not working
Closed 12 years ago4
strict and HSTS are incompatible
Closed 12 years ago4
config.middleware.use Rack::SslEnforcer breaks ajax requests
Closed 12 years ago2
Apache 2 config?
Closed 13 years ago3
hsts => true doesn't work
Closed 13 years ago2
Except hosts option doesn't work with an array of hosts
Closed 13 years ago3
Can't load Rack::SslEnforcer in Rails 2.3.11 app
Closed 13 years ago3
SSL URLs not being generated for mailers
Closed 13 years ago3
rack-ssl-enforcer.rb
Closed 13 years ago1