I notice there’s the protocol option you can pass to route helpers to
ensure that you can use https.
I’m just wondering if there’s a setting that can be applied globally so
that I don’t have to do this with each individual call.
Thanks.
I notice there’s the protocol option you can pass to route helpers to
ensure that you can use https.
I’m just wondering if there’s a setting that can be applied globally so
that I don’t have to do this with each individual call.
Thanks.
On Friday, 9 August 2013 15:15:16 UTC-4, stantona wrote:
I notice there’s the protocol option you can pass to route helpers to
ensure that you can use https.I’m just wondering if there’s a setting that can be applied globally so
that I don’t have to do this with each individual call.Thanks.
Couple options on this:
Rails.application.routes.default_url_options[:protocol]= ‘https’
config.force_ssl = true
The second form will also do a couple things:
makes URL helpers return HTTPS URLs
makes session cookies secure (only sent over HTTPS)
automatically redirects visitors on HTTP to HTTPS
sends HSTS headers
(HTTP Strict Transport Security - Wikipedia )
Probably better to use “config.force_ssl” unless you don’t need / can’t
use
some of the extra things it does.
–Matt J.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs