在 Rails 2 应用程序中使用 ssl_requirement 强制 SSL [英] Force SSL using ssl_requirement in Rails 2 app

问题描述

我有一个需要在 SSL 下运行的 Rails 应用程序.我尝试了 ssl_requirement，但似乎我必须在每个控制器中输入所有操作.

I have a Rails application which need to run under SSL. I tried ssl_requirement but seems I have to type in all the actions in every controllers.

有什么方法可以在应用程序控制器中添加一个 before_filter 和 ssl_requirement，这样当用户请求在 http 中时应用程序会自动重定向到 https?

Is there any method that I can add a before_filter in application controller with ssl_requirement, so that the apps will redirect to https automatically when user request is in http?

谢谢大家.:)

推荐答案

使用 机架中间件.

# lib/force_ssl.rb
class ForceSSL
  def initialize(app)
    @app = app
  end

  def call(env)
    if env['HTTPS'] == 'on' || env['HTTP_X_FORWARDED_PROTO'] == 'https'
      @app.call(env)
    else
      req = Rack::Request.new(env)
      [301, { "Location" => req.url.gsub(/^http:/, "https:") }, []]
    end
  end
end

# config/environment.rb
config.middleware.use "ForceSSL"

这篇关于在 Rails 2 应用程序中使用 ssl_requirement 强制 SSL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！