Redirect all web content to HTTPS by default.
This adjusts the existing config options so that API Umbrella redirects all web-app and website requests to the HTTPS version by default (while we had configured most of our instances to do this already, it seems time to make this the default behavior so there's not the weird page-specific split in behavior). It also adds a new configuration option so that any "not found" responses are redirected to HTTPS. API behavior remains the same (we default to forcing HTTPS, but not via redirects). See 18F/api.data.gov#430 for details about the "not found" redirecting.
Showing 10 changed files with 293 additions and 31 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
require_relative "../../test_helper" | ||
|
||
class Test::Proxy::Routing::TestHttpsConfig < Minitest::Test | ||
include ApiUmbrellaTestHelpers::Setup | ||
include ApiUmbrellaTestHelpers::AdminAuth | ||
include Minitest::Hooks | ||
|
||
def setup | ||
super | ||
setup_server | ||
once_per_class_setup do | ||
override_config_set({ | ||
"router" => { | ||
"web_app_backend_required_https_regex" => "^/admin/web-app-https-test", | ||
"website_backend_required_https_regex_default" => "^/website-https-test", | ||
"redirect_not_found_to_https" => false, | ||
"web_app_host" => "127.0.0.1", | ||
}, | ||
}, "--router") | ||
end | ||
end | ||
|
||
def after_all | ||
super | ||
override_config_reset("--router") | ||
end | ||
|
||
def test_custom_web_app_regex | ||
response = Typhoeus.get("http://127.0.0.1:9080/admin/", keyless_http_options) | ||
assert_response_code(200, response) | ||
assert_match(%r{<script src="assets/api-umbrella-admin-ui-\w+\.js"}, response.body) | ||
|
||
response = Typhoeus.get("http://127.0.0.1:9080/admin/web-app-https-test", keyless_http_options) | ||
assert_response_code(301, response) | ||
assert_equal("https://127.0.0.1:9081/admin/web-app-https-test", response.headers["Location"]) | ||
end | ||
|
||
def test_custom_website_backend_regex | ||
response = Typhoeus.get("http://127.0.0.1:9080/", keyless_http_options) | ||
assert_response_code(200, response) | ||
assert_match("Your API Site Name", response.body) | ||
|
||
response = Typhoeus.get("http://127.0.0.1:9080/website-https-test", keyless_http_options) | ||
assert_response_code(301, response) | ||
assert_equal("https://127.0.0.1:9081/website-https-test", response.headers["Location"]) | ||
end | ||
|
||
def test_not_found_https_disabled | ||
response = Typhoeus.get("http://127.0.0.1:9080/api-umbrella/v1/state.json", http_options.deep_merge(admin_token).deep_merge({ | ||
:headers => { | ||
"Host" => "#{unique_test_id}-unknown.foo", | ||
}, | ||
})) | ||
assert_response_code(404, response) | ||
assert_equal("application/json", response.headers["content-type"]) | ||
assert_match("NOT_FOUND", response.body) | ||
end | ||
end |
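Review bot: test_not_found_https_disabled pins only the `"redirect_not_found_to_https" => false` case, so nothing in this file exercises the new option when it is turned on. If that case is not covered elsewhere in the commit, add a companion test class with the option enabled that sends the same unknown `Host` header to `http://127.0.0.1:9080` and asserts the redirect status and the exact `Location` value, because that response is generated for a host the router does not recognise and the test should fix which host and port end up in it. A smaller point in the same test: the request merges `http_options` with `admin_token`, so a second request using `keyless_http_options` would show that the JSON 404 does not depend on credentials being present. In test_custom_web_app_regex and test_custom_website_backend_regex, a short comment that the 200 on `/admin/` and `/` is the intended "pattern does not match, no redirect" case would make the purpose of the first assertion in each test clear.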