1

I want to have mixed https/http site.

Moreover I want have redirects from https to http(ie. after user login successfully it should redirect to root page at http).

Gems like:

  • rack-ssl
  • rack-ssl-enforcer

works perfectly but only If you want to have entire site at https "Mixed http/https" with only ssl at A, B, C actions and only http at D, E, F - dont work.

I checked solution from another SO thread:

Rails 3 SSL routing redirects from https to http

Almost works. Its easy to write script which will change(on entire views) helper from "_path" to "_url".

But there is a problem with links like:

<%= link_to "model", some_model %>
<%= link_to "edit model", edit_mode_url(model) %>
...

There are many diffrent models and I use often "model" at iteration blocks, so solution based on 'rewrite' script will dont work with that.

Questions:

Is there a way to change behavior of <%= link_to 'model', model %> code to fix that? Is there a possibility to overwrite path helper(standard protocol will be http, on giver parameter - https)?

Or maybe there is a another solution which I have not found yet?

Edit:

I work with Rails 3.0.9.

Community
  • 1
  • 1
nothing-special-here
  • 11,230
  • 13
  • 64
  • 94

2 Answers2

1

If you would like to add https to a particular route

you can use this code 

before_filter :redirect_to_https
def redirect_to_https
     redirect_to :protocol => "https://" unless (request.ssl? || request.local?)
end

You can define the routes you would like to use with the before_filter action simply by doing the following

before_filter :redirect_to_https, :except => [:action1 , :action2]
before_filter :redirect_to_https, :only => [:action1 , :action2]
Travis Delly
  • 1,194
  • 2
  • 11
  • 20
0

Use this gem:

https://github.com/retr0h/ssl_requirement

gem install ssl_requirement

Then to add ssl_required :new, :destroy #others actions to your controllers.

If you use devise you have to overwrite each controller and specify all actions

devise_for :users, :controllers => { :confirmations => "confirmations", :omniauth_callbacks => "omniauth_callbacks", :passwords => "passwords",  :registrations => "registrations", :sessions => "sessions", :unlocks => "unlocks" } do
# etc
end

It works with Rails 3.0.x

nothing-special-here
  • 11,230
  • 13
  • 64
  • 94