发表新帖
发表新帖

Rails - How to Redirect from http://example.com to https://www.example.com

前端 未结
关注
6 670
感动是毒
感动是毒 2020-12-23 16:56

I\'m looking to learn how to cleanup my app\'s URLs. My app is powered by Rails 3 on Heroku.

The desired URL is https://www.example.comite.com

I

相关标签:
6条回答
  • 醉梦人生
    2020-12-23 17:19

    DO it in your vhosts file.

    Setup a SSL vhost.

    In your standard port 80 virtual host. Add this to the config:

    Redirect permanent / https://www.mysite.com

    This will forward all port 80 requests to https.

    0 讨论(0)
  • 陌清茗
    2020-12-23 17:20

    You can always throw this in your production.rb... config.use_ssl = true

    0 讨论(0)
  • 南方客
    2020-12-23 17:27

    As an extension to user2100689's answer, in Rails 3+ you can use config.force_ssl = true in config/environments/production.rb

    The line can just be uncommented as follows

    # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true
    0 讨论(0)
  • 青春惊慌失措
    2020-12-23 17:34

    Because this is Heroku, you cannot use apache or nginx configs. What you can do is put a before_filter in your ApplicationController, assuming you have 3 or more controllers like these below, although of course they will be in separate files

    class ApplicationController < ActionController::Base
    def redirect_https        
        redirect_to :protocol => "https://" unless request.ssl?
        return true
    end
    before_filter :redirect_https
end
class TypicalController < ApplicationController
    def blah
    end
end
class HomePageController < ApplicationController
    skip_before_filter :redirect_https
end

    You may also need to fiddle your routes a bit when using devise, but I suspect that was just the way we did it so I won't get into those details here, and I've modified the code above to avoid that complication.

    happy hacking.

    0 讨论(0)
  • 难免孤独
    2020-12-23 17:37

    Rails 3.1.0 and higher has force_ssl, which is a controller method that will redirect to https for non-development environments.

    http://api.rubyonrails.org/classes/ActionController/ForceSSL/ClassMethods.html

    Place it in each controller that you want to redirect, or better yet, place it in your ApplicationController:

    app/controllers/application.rb:

    class ApplicationController < ActionController::Base
  # ...
  force_ssl
  # ...
end

    This is a good thing to always include in your apps (and of course you'll have to get a certificate). HTTPS Everywhere!

    0 讨论(0)
  • 不思量自难忘°
    2020-12-23 17:38

    DNS records cannot define the protocol for a domain, therefore you can't redirect http:// to https:// through DNS. Doing it through the web server configuration is not portable, hard to do, error prone and just plain outdated. This is a job best handled by the Rails router.

    # beginning of routes.rb 
match "*path" => redirect("https://www.mysite.com/%{path}"), :constraints => { :protocol => "http://" }
match "*path" => redirect("https://www.mysite.com/%{path}"), :constraints => { :subdomain => "" }
    0 讨论(0)
 看不清?
提交回复
热议问题