tobmatth/rack-ssl-enforcer

A simple Rack middleware to enforce ssl connections

RubyMIT

Issues

Increase the default HSTS max-age to 2 years
#106 opened 5 years ago by toncid
0
Does rack-ssl-enforcer have support for ssl client verification?
#104 opened 5 years ago by watta90
1
Middleware use vs. insert_before
#103 opened 6 years ago by toncid
1
Load balancer health check redirected; not making it to the app
#102 opened 7 years ago by gsisson
5
Forcing HTTPS only on certain paths or methods might be a security problem
#101 opened 7 years ago by qutorial
0
Is there a changelog?
#95 opened 7 years ago by joelpresence
2
HSTS Implementation
#92 opened 8 years ago by 23ranjan
1
Does not set session cookie as secure
#91 opened 8 years ago by vipulvkp
6
HSTS and secure cookies w/o redirect?
#89 opened 8 years ago by n3bulous
2
use_redirect always forcing redirect, even for HTTPS
#88 opened 8 years ago by aripollak
2
ERR_CONNECTION_REFUSED
#85 opened 9 years ago by Antonio-usa2015
2
How to handle URI::InvalidURIError?
#78 opened 10 years ago by PikachuEXE
7
Issue with IE only... strict true not working
#80 opened 9 years ago by jgrannas
3
Infinite redirects behind AWS ELB
#82 opened 9 years ago by gnitnuj
5
Issue with Redirects
#81 opened 9 years ago by irmiller22
3
POST requests
#79 opened 10 years ago by florrain
5
Cookie session state shared across http and https without disabling force_secure_cookies
#58 opened 10 years ago by kbaum
5
:strict option + AJAX requests
#36 opened 10 years ago by blelump
7
Is there a way to combine only_hosts & only?
#62 opened 11 years ago by akashkamboj
18
Already encoded url parameters get encoded again when redirecting
#75 opened 10 years ago by oveddan
0
Release new version! <3
#73 opened 10 years ago by rwojsznis
2
Support for ruby 2.0 and Rails 4
#72 opened 11 years ago by oveddan
2
Running code before redirect not working
#70 opened 11 years ago by abhasg
3
combine strict and non strict behaviour
#69 opened 11 years ago by mojovski
3
Vertical pipe characters in the URL cause an URI::InvalidURIError
#47 opened 11 years ago by gmoore
6
Is there a way to combine mutiple only, multiple ignore with strict
#68 opened 11 years ago by akashkamboj
6
Rack::SslEnforcer options mess up with 'localhost'
#64 opened 11 years ago by hammady
11
Enforcing won't preserve HTTP methods
#65 opened 11 years ago by hammady
1
Proper Nginx Config
#26 opened 12 years ago
6
SSL-only, HTTP-only, and mixed
#39 opened 12 years ago by flivni
9
New rubygems release?
#60 opened 11 years ago by micahwedemeyer
2
force internationalization
#54 opened 11 years ago by hyperrjas
6
Allow proc to be called before forcing a redirect
#56 opened 11 years ago by oveddan
0
:mixed doesn't allow insecure GET
#21 opened 11 years ago by eostrom
11
Add environment constraints
#51 opened 11 years ago by wyattisimo
0
Secure cookie flag forced
#20 opened 12 years ago by mig-hub
2
Regex
#46 opened 12 years ago by bleonard
6
@scheme leak across requests
#48 opened 12 years ago by robd
1
SSL :ignore ignored for routable addresses, but works for static addresses
#43 opened 12 years ago by mattheworiordan
5
SSL-only, HTTP-only, and mixed
#38 opened 12 years ago by flivni
0
Working on Heroku?
#35 opened 13 years ago by iesta
3
Redirect not working
#34 opened 13 years ago by hallmatt
4
strict and HSTS are incompatible
#8 opened 13 years ago by dacort
4
config.middleware.use Rack::SslEnforcer breaks ajax requests
#31 opened 13 years ago by costajob
2
Apache 2 config?
#30 opened 13 years ago by cheeyeo
3
hsts => true doesn't work
#28 opened 13 years ago by nurey
2
Except hosts option doesn't work with an array of hosts
#18 opened 14 years ago by ginty
3
Can't load Rack::SslEnforcer in Rails 2.3.11 app
#17 opened 14 years ago by minter
3
SSL URLs not being generated for mailers
#15 opened 14 years ago by uberllama
3
rack-ssl-enforcer.rb
#9 opened 14 years ago by thibaudgg
1