Force SSL using ssl_requirement in Rails 2 app

2019-01-11 06:57发布

I have a Rails application which need to run under SSL. I tried ssl_requirement but seems I have to type in all the actions in every controllers.

Is there any method that I can add a before_filter in application controller with ssl_requirement, so that the apps will redirect to https automatically when user request is in http?

Thanks all. :)

标签： ruby-on-rails ssl ruby-on-rails-2

3条回答

甜甜的少女心

2楼-- · 2019-01-11 07:13

The key problem is that force_ssl.rb isn't being loaded and that lib isn't loaded by default in rails 3.1. You have to add

config.autoload_paths += %W(#{config.root}/lib)
config.autoload_paths += Dir["#{config.root}/lib/**/"]

to application.rb

0人赞添加讨论(0) 举报

劫难

3楼-- · 2019-01-11 07:16

Use a Rack Middleware.

# lib/force_ssl.rb
class ForceSSL
  def initialize(app)
    @app = app
  end

  def call(env)
    if env['HTTPS'] == 'on' || env['HTTP_X_FORWARDED_PROTO'] == 'https'
      @app.call(env)
    else
      req = Rack::Request.new(env)
      [301, { "Location" => req.url.gsub(/^http:/, "https:") }, []]
    end
  end
end

# config/environment.rb
config.middleware.use "ForceSSL"

0人赞添加讨论(0) 举报

甜甜的少女心

4楼-- · 2019-01-11 07:38

You can try test if request is in ssl or not in a before_filter in your application

class Application < AC::Base

  before_filter :need_ssl

  def need_ssl
    redirect_to "https://#{request.host}/#{request.query_string}" unless request.ssl?
  end
end

0人赞添加讨论(0) 举报

Force SSL using ssl_requirement in Rails 2 app

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间