Rails 仅在指定的控制器上强制 ssl [英] Rails force ssl only on specified controllers
问题描述
我有一个 ssl 证书,用于 https://secure.mydomain.com.我只想在某些控制器上使用 ssl,而不是在我的整个应用程序中.我在网上查看过,似乎找不到关于如何为指定控制器启用 ssl 的完整而准确的教程.
I have a ssl certificate which serves https://secure.mydomain.com. I would like to use ssl only on certain controllers and not throughout my entire application. I have looked online and can't seem to find a complete and accurate tutorial on how to enable ssl for specified controllers.
我知道我可以使用下面的配置 ssl,但它对我没有用,因为它启用了 ssl 站点范围
I am aware that I can use the config ssl below but it does not serve me a purpose since it enables ssl site wide
config.force_ssl = true
如何告诉 rails 只在特定控制器上使用 ssl 而不是我的整个应用程序?
How can I tell rails to only use ssl on a specific controller rather then my entire application?
推荐答案
您可以使用 routes.rb 中的约束来做到这一点:
You can do this with constraints in routes.rb:
resource :account, :constraints => { :protocol => "https", :subdomain => "secure" }
另外,如果你有很多安全路由,并且你想把事情弄干,你可以为你的安全路由创建一个scope
:
Also, if you have many secure routes, and you want to DRY things up, you can create a scope
for your secure routes:
scope :constraints => { :protocol => "https", :subdomain => "secure" } do
...[secure routes]...
end
这篇关于Rails 仅在指定的控制器上强制 ssl的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!