Rails SSL issue: (https://example.com) didn't match request.base_url (http://example.com)

后端 未结 3 1145
感动是毒
感动是毒 2021-02-13 10:51

I just installed an SSL certificate on my site. Unfortunately it has broken the login functionality. After submitting the login form on the site it just redirects to the home pa

3条回答
  •  别跟我提以往
    2021-02-13 11:25

    As rails application server is running behind webserver which is SSL enabled. But the application server is not aware of it and continue with HTTP protocol. Due to which request.base_url gives HTTP URL.

    To let the application server know that SSL is enabled and used the https protocol, you need explicitly tell application server.

    In the Nginx web server, I have used,

    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-Ssl on;
    

    For Apache web server, need to find similar settings.

    I think using config.force_ssl = true can solve a problem but not properly since this config, change all HTTP request into HTTPS. Means if someone requests with HTTP it will redirect to HTTPS. config.force_ssl = true will not work in case of API's were you were sending URLs to the client side.

提交回复
热议问题