use base qw/Class::Accessor::Fast/;
use NEXT;
-our $VERSION = '0.05';
+our $VERSION = '0.07';
__PACKAGE__->mk_accessors( qw/_require_ssl _ssl_strip_output/ );
# disable the plugin when running under certain engines which don't
# support SSL
- # XXX: I didn't include Catalyst::Engine::Server here as it may be used as
- # a backend in a proxy setup.
- if ( $c->engine eq "Catalyst::Engine::HTTP" ) {
+ if ( $c->engine =~ /Catalyst::Engine::HTTP/ ) {
$c->config->{require_ssl}->{disabled} = 1;
$c->log->warn( "RequireSSL: Disabling SSL redirection while running "
. "under " . $c->engine );
}
}
$redir .= '?' . join( '&', @params );
- }
-
+ }
+
+ if ( $c->config->{require_ssl}->{no_cache} ) {
+ delete $c->config->{require_ssl}->{$type};
+ }
+
return $redir;
}
https => 'secure.mydomain.com',
http => 'www.mydomain.com',
remain_in_ssl => 0,
+ no_cache => 0,
};
# in any controller methods that should be secured
page, you can set this option to 1. By default, this option is disabled and
users will be redirected back to non-SSL mode as soon as possible.
+ no_cache
+
+If you have a wildcard certificate you will need to set this option if you are
+using multiple domains on one instance of Catalyst.
+
=head1 METHODS
=head2 require_ssl
The browser will be redirected to the same path on your SSL server. POST
requests are never redirected.
+=head2 setup
+
+Disables this plugin if running under an engine which does not support SSL.
+
+=head2 finalize
+
+Performs the redirect to SSL url if required.
+
=head1 KNOWN ISSUES
When viewing an SSL-required page that uses static files served from the
Andy Grundman, <andy@hybridized.org>
+=head1 CONTRIBUTORS
+
+Simon Elliott <simon@browsing.co.uk> (support for wildcards)
+
=head1 COPYRIGHT
This program is free software, you can redistribute it and/or modify it under