Rails 仅在指定的控制器上强制 ssl [英] Rails force ssl only on specified controllers

问题描述

我有一个 ssl 证书，用于 https://secure.mydomain.com.我只想在某些控制器上使用 ssl，而不是在我的整个应用程序中.我在网上查看过，似乎找不到关于如何为指定控制器启用 ssl 的完整而准确的教程.

I have a ssl certificate which serves https://secure.mydomain.com. I would like to use ssl only on certain controllers and not throughout my entire application. I have looked online and can't seem to find a complete and accurate tutorial on how to enable ssl for specified controllers.

我知道我可以使用下面的配置 ssl，但它对我没有用，因为它启用了 ssl 站点范围

I am aware that I can use the config ssl below but it does not serve me a purpose since it enables ssl site wide

config.force_ssl = true

如何告诉 rails 只在特定控制器上使用 ssl 而不是我的整个应用程序?

How can I tell rails to only use ssl on a specific controller rather then my entire application?

推荐答案

您可以使用 routes.rb 中的约束来做到这一点:

You can do this with constraints in routes.rb:

resource :account, :constraints => { :protocol => "https", :subdomain => "secure" }

另外，如果你有很多安全路由，并且你想把事情弄干，你可以为你的安全路由创建一个scope:

Also, if you have many secure routes, and you want to DRY things up, you can create a scope for your secure routes:

scope :constraints => { :protocol => "https", :subdomain => "secure" } do

  ...[secure routes]...

end

这篇关于Rails 仅在指定的控制器上强制 ssl的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！