重定向到HTTPS时在轨多重定向 [英] Multiple redirects in rails when redirecting to HTTPS

问题描述

情况如下（我用Rails 3.1）。

The situation is as follows (I am using Rails 3.1).

我有以下途径：

match 'login', :to => 'sessions#new'

pretty标准。我也有这个重定向规则在我的Apache虚拟主机文件：

Pretty standard. I also have this redirect rule in my Apache virtual hosts file:

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (/login$) https://%{HTTP_HOST}%{REQUEST_URI}

当我浏览到的https：//hostname.dom/login 我得到一个301状态code从我的浏览器（过多的重定向）。可有人指出，这是怎么回事就在这里引擎盖后面？谢谢你。

When I navigate to https://hostname.dom/login I get a 301 status code from my browser (too many redirects). Can someone point out what's going on behind the hood here? Thanks.

推荐答案

我会处理这通过铁轨，而不是重定向的Apache。错误的机会较少，并删除您的轨道耦合应用到特定的Web服务器（Apache在这种情况下）。结果
钢轨3.0.x和previous使用
SSL_Requirement 和3.1.X和以后使用它的烤<一个href=\"https://github.com/rails/rails/blob/master/actionpack/lib/action_controller/metal/force_ssl.rb\"相对=nofollow> force_ssl 的方法。

I would handle this redirect through rails instead of apache. Less chance of errors and Removes coupling of your rails app to a certain web server(apache in this case).
For Rails 3.0.X and previous use SSL_Requirement and for 3.1.X and later use it's baked in 'force_ssl' method.

ssl_requirement例如：

ssl_requirement example:

class ApplicationController < ActiveRecord::Base
  include SslRequirement
end

class SessionController < ApplicationController
  ssl_required :new, :create

  def new
    # Non-SSL access will be redirected to SSL
  end
end

force_ssl例如：

force_ssl example:

class SessionController < ApplicationController
  force_ssl :only =>  :new, :create

  def new
    # Non-SSL access will be redirected to SSL
  end
end

这篇关于重定向到HTTPS时在轨多重定向的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！