Rails:激活SSL支持让Chrome感到困惑 [英] Rails: activating SSL support gets Chrome confused
问题描述
为Rails应用程序配置有一个很好的选择:
There is a nice option to config for the Rails app:
config.force_ssl = true
config.force_ssl = true
但是,似乎只是将其设置为true并不能使HTTPS连接正常工作。更多 - 在尝试(并且失败)与Chrome连接到 https:// localhost:3000 之后,我已经设置了这个选项为false,即使我写了http,Chrome仍然会尝试打开https。
However it seems that just putting that to true doesn't get the HTTPS connections working. Even more - after trying (and failing) to connect to https://localhost:3000 with Chrome, I've set this option to false, and Chrome still tries to open https, even if I write http.
所以,几个问题:
- 如何强制Chrome不再尝试https?
- 在我的Rails应用程序上启用SSL的正确方法是什么?
--How to force Chrome not to try https anymore? --What is the proper way of enabling SSL on my Rails app?
更新:该应用程序在Heroku上运行,似乎支持https自动化。我可以在本地测试SSL吗?就像运行rails服务器一样?
Update: The app is run on Heroku, and it seems that https is supported there automagically. Can I test SSL also locally? Like when running rails server?
推荐答案
首先,我应该说我没试过这个,但主要有两个可能Chrome仍然使用HTTPS的原因:
First, I should say that I haven't tried this, but there are mainly two possibly reasons for Chrome still using HTTPS:
-
使用 HTTP严格传输安全性标头:如果服务器设置它们,则客户端(支持HSTS,如Chrome)意味着坚持使用HTTPS来获取对该主机的所有后续请求。
Using HTTP Strict Transport Security headers: if the server sets them, the client (supporting HSTS, like Chrome) is meant to stick to HTTPS for all subsequent requests to that host.
永久重定向。如果您获得的初始重定向是使用301 Moved Permanently(而不是302)进行重定向,(*)浏览器是为了记住它(已为所请求的资源分配了一个新的永久URI和任何未来对此资源的引用应该使用其中一个返回的URI )。
Permanent redirects. If the initial redirect you got was using "301 Moved Permanently" (and not 302 for example) to make the redirection,(*) the browser is meant to remember it ("The requested resource has been assigned a new permanent URI and any future references to this resource SHOULD use one of the returned URIs").
一个可能的解决方案将清除浏览器中的缓存。
A likely solution to this would be to clear the cache in your browser.
(*) 这个问题似乎表明这个配置是Ruby on Rails的情况。)
(*) This question seems to indicate this is the case for Ruby on Rails with this config).
这篇关于Rails:激活SSL支持让Chrome感到困惑的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!