Rails SSL Requirement plugin -- shouldn't it check to see if you're in production mode before redirecting to https?

Question

Take a look at the ssl_requirement plugin.

Shouldn't it check to see if you're in production mode? We're seeing a redirect to https in development mode, which seems odd. Or is that the normal behavior for the plugin? I thought it behaved differently in the past.

Nathan de Vries · Accepted Answer

I guess they believe that you should probably be using HTTPS (perhaps with a self-signed certificate) in development mode. If that's not the desired behaviour, there's nothing stopping you from special casing SSL behaviour in the development environment yourself:

class YourController < ApplicationController
  ssl_required :update unless Rails.env.development?
end

Anatoly · Answer

  def ssl_required?
    return false if local_request? || RAILS_ENV == 'test' || RAILS_ENV == 'development'
    super
  end

Rails SSL Requirement plugin -- shouldn't it check to see if you're in production mode before redirecting to https?

Tags:

https

ssl

ruby-on-rails

Joe Van Dyk

2 Answers

Nathan de Vries

Anatoly

Recent Activity

Donate For Us

Rails SSL Requirement plugin -- shouldn't it check to see if you're in production mode before redirecting to https?

Tags:

https

ssl

ruby-on-rails

Joe Van Dyk

2 Answers

Nathan de Vries

Anatoly

Related questions

Recent Activity

Donate For Us