I recently changed the domain for a Rails app I have running on Heroku. I redirected the original to the new one, and for the last couple of months have been running SSL on
In addition to what Jan said, here is what I did to do the trick.
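In application_controller.rb:

    # before_filter is named before_action from Rails 4 onward
    before_filter :expire_hsts
    [...]
    private

    # Send max-age=0 so browsers drop their stored HSTS entry for this host
    def expire_hsts
      response.headers["Strict-Transport-Security"] = 'max-age=0'
    end

In production.rb:

    # Stop Rails from forcing HTTPS and setting its own HSTS header
    config.force_ssl = false

Clear the cache of your web browser and that's it!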
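The `max-age=0` header above only clears a browser's stored HSTS entry when it arrives over HTTPS, so the old domain still needs a valid certificate while it is being expired. The following added example (not part of the answer above and not Rails code) models how a browser handles the header per RFC 6797; `parse_sts` and `hsts_action` are hypothetical names and the sample responses are constructed.

```ruby
# Added example: a model of RFC 6797 header processing in a browser.
# parse_sts and hsts_action are hypothetical helper names.

# Parse a Strict-Transport-Security value into a directive hash.
# Returns nil when the header is invalid and must be ignored.
def parse_sts(value)
  directives = {}
  value.split(';').each do |part|
    part = part.strip
    next if part.empty?                     # empty directives are allowed
    name, val = part.split('=', 2).map(&:strip)
    name = name.downcase                    # directive names are case-insensitive
    return nil if directives.key?(name)     # a repeated directive invalidates the header
    val = val[1..-2] if val&.match?(/\A".*"\z/)   # unquote a quoted-string value
    directives[name] = val
  end
  # max-age is required and must be a non-negative integer
  return nil unless directives['max-age'].to_s.match?(/\A\d+\z/)
  directives
end

# What the browser does with the header on one response.
def hsts_action(scheme, header)
  return :ignored if header.nil?
  return :ignored unless scheme == 'https'  # STS over plain HTTP is ignored
  directives = parse_sts(header)
  return :ignored if directives.nil?
  directives['max-age'].to_i.zero? ? :policy_removed : :policy_stored
end

# Constructed sample responses: [scheme, header value]
SAMPLES = [
  ['https', 'max-age=0'],                          # the header set by expire_hsts
  ['http',  'max-age=0'],                          # same header, insecure transport
  ['https', 'max-age=31536000; includeSubDomains'],
  ['https', 'max-age=0; max-age=31536000'],        # duplicate directive
]

SAMPLES.each do |scheme, header|
  puts format('%-5s %-40s -> %s', scheme, header, hsts_action(scheme, header))
end
```
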