Ruby on Rails: ssl_required: how to enable the whole application?

Question

Ruby on Rails: ssl_required: how to enable the whole application?

Is there an easy way to enable SSL throughout the application?

I am using rails 2.3.8

+7

ruby-on-rails ssl

NullVoxPopuli Jul 27 '11 at 17:40

source share

1 answer

Jeremy roman · Accepted Answer · 2011-07-27T17:51:51+0000

By default, all your controllers should inherit from ApplicationController .

ssl_required actually supported by a protected method called ssl_required? , which determines whether SSL is required for this action. This implementation will force SSL to always be required in a production environment (but not otherwise, so you can still do development as usual).

 class ApplicationController < ActionController::Base # (... other stuff ...) protected def ssl_required? Rails.env.production? end end

Depending on your environment, it may be possible that the upstream server is accessible only through HTTPS (for example, if you use Apache, you can configure it to not serve the application through port 80). It depends on your server settings.

Ruby on Rails: ssl_required: how to enable the whole application?

More articles: