Testing ssl_requirement with pound

ssl_requirement is a Rails gem by DHH to declaratively redirect requests to SSL.  It is useful, for example, to ensure all access to a checkout page is secure.  SSL encryption, however, is usually handled by a webserver such as Nginx or Apache, and these are not typically used in Rails test mode.  It appears most developers simply disable SSL redirects during testing, but this allows certain defects such as correct handling of flash messages to go undetected.  To test SSL redirects I’ve started using a lightweight, secure reverse proxy called pound. The pound configuration file can be kept to a bare minimum to forward requests from port 8443 to 3000 and encrypt the response:

ListenHTTPS
  Address 127.0.0.1
  Port    8443
  Cert    "pound.pem"
  AddHeader "X_FORWARDED_PROTO: https"
  Service
    BackEnd
      Address 127.0.0.1
      Port    3000
    End
  End
End

To run pound:

pound -vf ./pound.conf

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top