Rails force ssl only on specified controllers
You can do this with constraints in routes.rb:
resource :account, :constraints => { :protocol => "https", :subdomain => "secure" }
Also, if you have many secure routes, and you want to DRY things up, you can create a scope
for your secure routes:
scope :constraints => { :protocol => "https", :subdomain => "secure" } do
...[secure routes]...
end
skip/disable force_ssl for particular controller in rails
skip_before_action :verify_authenticity_token
force_ssl except: [:index,:create]
Its worked for me.
It is possible to force SSL only in specific views in RoR3?
Yes, you can use the force_ssl
method in your controller. See the docs here.
class PagesController < ApplicationController
force_ssl only: [:create, :update]
end
How to Force SSL to Specific Named Route in Rails
It doesn't look like you've provided a named route here (i.e. match '/find-a-abc' => "home#abc", :as => :named_route
). You will need to do this and call named_route_url
rather than just the controller and action to get the right URL.
If you want a specific route to always be handled with SSL, you could define the route like so:
scope :protocol => 'https://', :constraints => { :protocol => 'https://' } do
match '/find-a-abc' => "home#abc", :as => :abc
end
Then abc_url
should always be "https://local.demo.com/find-a-abc"
Partial SSL in rails
This is typically done with the SSL Requirement plugin. It sets up before_filter
s allowing you to specify which actions require SSL and which optionally allow it, and which specifically do not allow it.
Outside of that, it's just a matter of setting up 2 VHosts in your Apache (or whichever server you use) configuration, one for the SSL site and one for the non-SSL site.
Rails 3: Forcing HTTP in some parts, and Forcing HTTPS in others?
Not sure if this blog will be of any use to you: Always-On HTTPS With Rails Behind an ELB
also this may also be of use to you considering you are trying to force some parts of your application to use https. SSL Requirement. It details under the section about SSL requirement adds a declarative way of specifying that certain actions should only be allow to run under SSL. Should you want to specify the entire controller in SSL then call ssl_exceptions
Alternatively you could try and write a before_filter
by doing something like
class ApplicationController < ActionController::Base
before_filter do
if request.ssl? || Rails.env.production?
redirect_to :protocol => 'http://', status => :moved_permanently
end
end
end
Hope this helps
Related Topics
How to Convert Boolean Values to Integers
Installing Rmagick Gem -- Can't Find Magickwand.H
Ruby: How to Find the Key of the Largest Value in a Hash
Accepts_Nested_Attributes_For Ignore Blank Values
Why Does a Rails App on Heroku Serve Assets via All.CSS and Locally via Individual Files
Scanning for Unicode Numbers in a String with \D
Ruby Regex Gsub a Line in a Text File
Ruby If VS End of the Line If Behave Differently
Check Method Call on Model Using Minitest
Ruby Inside JavaScript Block [Slim Template]
Ruby Variable Name with Double Underscores
Protected Sharing Link in Ruby on Rails
How to Split Routes.Rb into Smaller Files
How to Set a Variable from a Helper Method for Inclusion in a SASS SCSS Stylesheet
Calendar Events Notification Not Received on Server
Ruby/Pgsql Error on Rails Start:Cannot Load Such File -- Pg_Ext (Loaderror)