在 Rails 3.1 中为特定路由强制 SSL [英] Force SSL for specific routes in Rails 3.1

问题描述

我需要在应用程序中的所有路由上强制使用 SSL，landing#index 除外.

I need to force SSL on all routes in my application except for landing#index.

在 config/application.rb 中，我有:

config.force_ssl = true

然后在 landing_controller.rb 中，我有:

force_ssl :except => :index

然而，所有路由仍然被重定向到 https.

However, all routes are still being redirected to https.

有谁知道如何在 Rails 3.1+ 应用程序中有条件地强制使用 SSL?

Does anyone know how to conditionally force SSL in a Rails 3.1+ application?

解决方案:

将以下内容添加到您的 Gemfile:

Add the following to your Gemfile:

gem 'rack-ssl-enforcer'

将以下内容添加到您的 config/application.rb:

Add the following to your config/application.rb:

config.middleware.use Rack::SslEnforcer, :except => [ /\/$/ ], :strict => true

推荐答案

我在 stackoverflow 上问了一个类似的问题 此处 并被告知使用 https://github.com/tobmatth/rack-ssl-enforcer.我还没有尝试过，但根据自述文件，它似乎可以解决您在某些路由上有条件地强制执行 ssl 的问题.

I asked a similar question on stackoverflow here and was told to use https://github.com/tobmatth/rack-ssl-enforcer. I haven't tried it out yet, but based on the readme, it appears to solve your problem of conditionally enforcing ssl on certain routes.

这篇关于在 Rails 3.1 中为特定路由强制 SSL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！