Force SSL for specific routes in Rails 3.1

Question

I need to force SSL on all routes in my application except for landing#index.

In config/application.rb, I have:

Answer 1

You can do it this way:

controller

force_ssl :except => :index

view

supposing your index path name is index_landing_path

<%= link_to 'Landing', index_landing_path, :protocol => 'http' %>

Answer 2

Rails 4 with ActiveAdmin 1.0b, I modified config/initializers/active_admin.rb:

config.before_filter :force_ssl_redirect, if: :https_enabled?

force_ssl_redirect is defined in actionpack/lib/action_controller/metal/force_ssl.rb and is what Rails' force_ssl class method calls.

https_enabled? defined in my application_controller.rb:

def https_enabled?
  ENV['HTTPS_ENABLED'] == 'true'
end

Answer 3

I asked a similar question on stackoverflow here and was told to use https://github.com/tobmatth/rack-ssl-enforcer. I haven't tried it out yet, but based on the readme, it appears to solve your problem of conditionally enforcing ssl on certain routes.