If you prefer not to depend on a forked plugin, can you override ssl_allowed? in your controller:
class ApplicationController < ActionController::Base ... private def ssl_allowed? true end end
EDIT: It does not do what I thought. Instead of disabling http redirects for pages that are not ssl_required, it shortens the entire redirect process so that nothing is done. This is very bad. The code:
def ensure_proper_protocol return true if ssl_allowed? if ssl_required? && !request.ssl? redirect_to "https://" + request.host + request.request_uri flash.keep return false elsif request.ssl? && !ssl_required? redirect_to "http://" + request.host + request.request_uri flash.keep return false end end
Adding ssl_allowed? a method like this would only be the answer if I read the code instead:
def ensure_proper_protocol if ssl_required? && !request.ssl? redirect_to "https://" + request.host + request.request_uri flash.keep return false elsif request.ssl? && !ssl_required? && !ssl_allowed? redirect_to "http://" + request.host + request.request_uri flash.keep return false end end
Jeff kaufman
source share