What's the proper way to enforce https in a rails 4 route?
For example I would expect to be able to do something like:
get 'success' => 'ssl#success', :ssl_only => true
But that doesn't do anything.
Asked
Active
Viewed 8,085 times
4 Answers
4
You can use force_ssl to force http://site/success to redirect to https://site/success. Please refer to the documentation for force_ssl.
class SSLController < ApplicationController
force_ssl only: :success # see docs for more options
end
-
Yes, I knew about that one, it seems like there should be a rails 4 trick to forcing it in the route. – pguardiario Sep 23 '13 at 06:01
-
I don't quite understand. What are you trying to accomplish? – James Lim Sep 23 '13 at 06:09
1
If you want https://.../ssl/success
scope constraints: { protocol: 'https' } do
get 'success', to: 'ssl#success', as: 'success'
end
or
get 'success', to: 'ssl#success', as: 'success', constraints: { protocol: 'https' }
Rajarshi Das
- 11,778
- 6
- 46
- 74
-
No I want https://mysite.com/success to go to ssl#success. This answer isn't working for me. – pguardiario Sep 23 '13 at 05:37
-
sorry I am not getting is ssl your controller? and success is your action? – Rajarshi Das Sep 23 '13 at 05:39
0
I eventually got this to work with:
get 'success', to: 'ssl#success', constraints: {protocol: /https/}
pguardiario
- 53,827
- 19
- 119
- 159
-
-
I know, it's a small thing. My hunch is that the protocol is actually 'https://' or something and this is why the regex works but not the string. – pguardiario Sep 24 '13 at 01:14
-
Doesn't work for you maybe, but his answer is the correct one and it lead you to your answer. I think that would have been fair. – Ely Feb 16 '15 at 05:43
0
In my case it worked by adding "force_ssl" in the application_controller.rb.
Naiguel Developer
- 313
- 3
- 3