/admin in https

Hi,

Is there a way to make the /admin into https and everything else in http
?

Thanks

On Wednesday 20 September 2006 21:10, Beber wrote:

Hi,

Is there a way to make the /admin into https and everything else in http ?

I do this on the Apache side using redirects, but it isn’t pretty.

TX

Trejkaz [email protected]

On Wednesday 20 September 2006 21:10, Beber wrote:

Hi,

Is there a way to make the /admin into https and everything else in http ?

I do this on the Apache side using redirects, but it isn’t pretty.

I tried that and with ProxyPass setting and it only fails. Could you
paste me your redirection ?

Thnaks

On 9/21/06, Beber [email protected] wrote:

paste me your redirection ?
Sooner or later I’d like to make this a config option–if it’s set,
then Typo generates all /admin URLs with https://. That’d probably be
easier. Feel free to submit a patch :-).

Scott

Scott,

I believe that the rails team has already done this for you :slight_smile:

In the the httpd.conf in your <VirtualHost *:443> record add this

RequestHeader set X_FORWARDED_PROTO “https”

Then all of your url_for() will correctly render https or http depending
on
the RequestHeader parameter

I’m not a sys admin … Nor do I play on on TV… This is where I
learned
about this little gem. (Also I should mention that we are running
apache 2/
Mongrel Rails)

http://www.planetrubyonrails.org/show/feed/60

-Linda D.

In my case we turned the entire site into https, so that solved my
problem.

(Did I mention that I’m not a sysadmin :slight_smile:
where is the flaw in this logic?
Add proxy pass for /admin /accounts in the *:80 record to the https
urls.
Add the X_FORWARDED_PROTO to the :443 record.

My thought is that if rails produces a /admin or /accounts url with http
then the proxypasses will convert it to https.

Unless your point is that once in https there is no way to return to
http?
So you would end up putting proxypasses in https to point /articles etc
to
http.

-Linda

That’s part of the issue, but it’d be nice if every link to /admin
(or /accounts) used https while non-authenticated links still use
http. That’s a bit harder to do from Apache.

Scott

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 22/09/2006, at 05:23 AM, Scott L. wrote:

That’s part of the issue, but it’d be nice if every link to /admin
(or /accounts) used https while non-authenticated links still use
http. That’s a bit harder to do from Apache.

Part of the problem I had with this kind of trick from Apache was
that the admin interface still links to various resources
(stylesheets, image files) which are outside the /admin URL scheme.
So I had to put in a whole set of extra rules to make those ones not
auto-redirect back to http:, otherwise browsers would give a bunch of
security warnings (displaying non-secure resource from secure page,
etc.)

TX

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)

iD8DBQFFH2PpuMe8iwN+6nMRAjxGAJkBBF2+c6bpEVuHwreOf8f64OWu3wCeNVRS
BhUODYxqS2YLtufJIM0IlO0=
=FbEW
-----END PGP SIGNATURE-----

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs