如何让Google App Engine上的Rails应用重定向到HTTPS [英] How to make a Rails app on Google App Engine redirect to HTTPS

问题描述

我已成功将我的Rails应用程序部署到Google App Engine（我的域也由Google托管），现在我想将任何转到我的http：//地址的人重定向到我的https：//地址。

对于Python应用程序，我找到了相应的文档这里使用 app.yaml 处理程序元素c>文件，并试图在我自己的复制它。

我的 app.yaml 文件现在包含这个：

 处理程序：
  -  url：/.* 
脚本：config / application.rb 
 secure：始终
 redirect_http_response_code：301 
  

但是我仍然可以访问http：//而不被重定向，我认为这是因为 script：config / application.rb 选项，我已经通过。我不知道应该使用哪个文件，或者该文件应该包含在Rails应用程序中。如果我不通过脚本选项，部署就会中断。

如果您需要更多信息，请告知我感谢您的帮助！

解决方案

您可以通过您的应用程序的 config / environments / production.rb 文件，您只需添加一行：

  Rails.application.configure do 
＃其他代码... 
 config.force_ssl = true＃添加此行以强制执行生产中的HTTPS 
结束
  

实际上，这会为您的应用程序执行三项操作： >

安全cookie：设置cookie上的安全标志

HTTP严格传输安全性（HSTS） li>

在 http://guides.rubyonrails.org/configuring.html

I have successfully deployed my Rails app to the Google App Engine (my domain is also hosted by Google), and now I would like to redirect anyone going to my http:// address to my https:// address.

I have found the documentation to do so for a Python app here using the handlers element in the app.yaml file, and have attempted to replicate it in my own.

My app.yaml file now contains this:

handlers:
- url: /.*
script: config/application.rb
secure: always
redirect_http_response_code: 301

However I can still visit http:// without being redirected, and I think that it's because of the script: config/application.rb option that I've passed. I have no idea which file I should use or what that file should contain in a Rails app. Deployment breaks if I do not pass the script option.

Let me know if you need any more info, and thanks in advance for your help!

解决方案

Well you can enforce SSL through your app's config/environments/production.rb file, you just need to add one line:

Rails.application.configure do
    # Other code...
    config.force_ssl = true # add this line to force HTTPS on production 
end

This will do 3 things for your application, actually:

1. TLS redirect
2. Secure cookies: Sets the secure flag on cookies
3. HTTP Strict Transport Security (HSTS)

Read more about your application's configuration at http://guides.rubyonrails.org/configuring.html

这篇关于如何让Google App Engine上的Rails应用重定向到HTTPS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！