# File lib/action_dispatch/middleware/ssl.rb, line 5 def self.default_hsts_options { :expires => YEAR, :subdomains => false } end
# File lib/action_dispatch/middleware/ssl.rb, line 9 def initialize(app, options = {}) @app = app @hsts = options.fetch(:hsts, {}) @hsts = {} if @hsts == true @hsts = self.class.default_hsts_options.merge(@hsts) if @hsts @host = options[:host] @port = options[:port] end
# File lib/action_dispatch/middleware/ssl.rb, line 20 def call(env) request = Request.new(env) if request.ssl? status, headers, body = @app.call(env) headers = hsts_headers.merge(headers) flag_cookies_as_secure!(headers) [status, headers, body] else redirect_to_https(request) end end
Generated with the Darkfish Rdoc Generator 2.