skip/disable force_ssl for particular controller in rails
skip_before_action :verify_authenticity_token
force_ssl except: [:index,:create]
Its worked for me.
Disable force_ssl for specific controllers in Rails 5
You're using the global configuration method. This ensures ssl on every controller and every action. Switch to controller based forcing.
You can either add it to every controller you want it in, or add it to the application controller and turn it off based on the controller/action combo, i like a case statement because it allows multiple options, but you can do what works best for your app.
class ApplicationController < ActionController::Base
force_ssl unless: :no_ssl?
def no_ssl?
case "#{params[:controller]} #{params[:action]}"
when "parents index"
return false
else
return false
end
end
end
Rails force ssl only on specified controllers
You can do this with constraints in routes.rb:
resource :account, :constraints => { :protocol => "https", :subdomain => "secure" }
Also, if you have many secure routes, and you want to DRY things up, you can create a scope
for your secure routes:
scope :constraints => { :protocol => "https", :subdomain => "secure" } do
...[secure routes]...
end
Rails 3.2 force_ssl except on landing page
rack-ssl-enforcer gem will help you
Rails 3.2 force_ssl except on landing page
rack-ssl-enforcer gem will help you
Force SSL for specific routes in Rails 3.1
I asked a similar question on stackoverflow here and was told to use https://github.com/tobmatth/rack-ssl-enforcer. I haven't tried it out yet, but based on the readme, it appears to solve your problem of conditionally enforcing ssl on certain routes.
Check if current controller has parent of some other controller inside the application_controller
If you use a before_filter
in the ApplicationController to prevent customers from going to pages there you can use skip_filter
in the base controller for the DedicatedController.
So for ours we have:
class ApplicationController
before_filter :ensure_not_a_customer
.
.
end
class Admin::BaseController < ApplicationController
skip_filter :ensure_not_a_customer
.
.
end
class Admin::WebpageController < Admin::BaseController
.
.
end
Then anything inherited from Admin::BaseController will skip the before_filter from the ApplicationController.
Related Topics
How to Mark a Cucumber Scenario as Pending
Ruby on Linux Pty Goes Away Without Eof, Raises Errno::Eio
How to Execute Windows Cli Commands in Ruby
Does Ruby Have Syntax for Safe Navigation Operator of Nil Values, Like in Groovy
Twitter Bootstrap Displays Button with Greyed Text
How to Serialize an Object Using Tcpserver Inside
How Does Activerecord Define Methods Compared to Attr_Accessor
Rails 4 Session.Id Occasionally Nil
How to Strip Leading and Trailing Quote from String, in Ruby
Rails: Methods Shared by Multiple Controllers
Cocoon Add Association, How to Limit Number of Associations
Rails 4.1 Activerecord::Relation Is No More Like Array
/Config/Initializers/Secret_Token.Rb Not Being Generated. Why Not
Rails Shows "Warning: Can't Verify Csrf Token Authenticity" from a Restkit Post
How to Use Same Browser Window for Automated Test Using Selenium-Webdriver (Ruby)