Skip/Disable Force_Ssl for Particular Controller in Rails

skip/disable force_ssl for particular controller in rails

skip_before_action :verify_authenticity_token
force_ssl except: [:index,:create]

Its worked for me.

Disable force_ssl for specific controllers in Rails 5

You're using the global configuration method. This ensures ssl on every controller and every action. Switch to controller based forcing.

You can either add it to every controller you want it in, or add it to the application controller and turn it off based on the controller/action combo, i like a case statement because it allows multiple options, but you can do what works best for your app.

class ApplicationController < ActionController::Base
  force_ssl unless: :no_ssl?

  def no_ssl?
    case "#{params[:controller]} #{params[:action]}"
    when "parents index"
      return false
    else
      return false
    end
  end
end

Rails force ssl only on specified controllers

You can do this with constraints in routes.rb:

resource :account, :constraints => { :protocol => "https", :subdomain => "secure" }

Also, if you have many secure routes, and you want to DRY things up, you can create a scope for your secure routes:

scope :constraints => { :protocol => "https", :subdomain => "secure" } do

  ...[secure routes]...

end

Rails 3.2 force_ssl except on landing page

rack-ssl-enforcer gem will help you

Rails 3.2 force_ssl except on landing page

rack-ssl-enforcer gem will help you

Force SSL for specific routes in Rails 3.1

I asked a similar question on stackoverflow here and was told to use https://github.com/tobmatth/rack-ssl-enforcer. I haven't tried it out yet, but based on the readme, it appears to solve your problem of conditionally enforcing ssl on certain routes.

Check if current controller has parent of some other controller inside the application_controller

If you use a before_filter in the ApplicationController to prevent customers from going to pages there you can use skip_filter in the base controller for the DedicatedController.

So for ours we have:

class ApplicationController
  before_filter :ensure_not_a_customer
  .
  .
end
class Admin::BaseController < ApplicationController
  skip_filter :ensure_not_a_customer
  .
  .
end
class Admin::WebpageController < Admin::BaseController
  .
  .
end

Then anything inherited from Admin::BaseController will skip the before_filter from the ApplicationController.


Related Topics

How to Mark a Cucumber Scenario as Pending

Ruby on Linux Pty Goes Away Without Eof, Raises Errno::Eio

How to Execute Windows Cli Commands in Ruby

Does Ruby Have Syntax for Safe Navigation Operator of Nil Values, Like in Groovy

Faraday::Connectionfailed, Connection Refused - Connect(2) for "Localhost" Port 9200 Error Ruby on Rails

Twitter Bootstrap Displays Button with Greyed Text

How to Serialize an Object Using Tcpserver Inside

Check If String Is Base64

How Does Activerecord Define Methods Compared to Attr_Accessor

Rails 4 Session.Id Occasionally Nil

How to Strip Leading and Trailing Quote from String, in Ruby

Rails: Methods Shared by Multiple Controllers

Cocoon Add Association, How to Limit Number of Associations

Rails 4.1 Activerecord::Relation Is No More Like Array

/Config/Initializers/Secret_Token.Rb Not Being Generated. Why Not

Rails Shows "Warning: Can't Verify Csrf Token Authenticity" from a Restkit Post

How to Use Same Browser Window for Automated Test Using Selenium-Webdriver (Ruby)

Working with Decimals in Ruby on Rails 3


Leave a reply



Submit