I don’t quite understand how ssl_required interacts with forms in Ruby
on Rails.
I’ve installed the ssl_requirement plugin, and listed one of my
form-submission actions (:assign_building) in an ssl_required
declaration. The form is shown at the end of this message.
The form includes a select_tag to collect a parameter tagged as
:building_id.
If :assign_building is listed in ssl_required, params does not include
the :building_id key. If it’s not in ssl_required, :building_id is in
params.
I should mention that I have defined default_url_options to set
:protocol => “https://”.
How do I ensure that my form will be submitted via SSL, and keep all its
parameters? I’m pretty sure I’m missing a concept here, but of course
I’m too ignorant to know what that concept might be.
ruby 1.8.6 (2008-03-03 patchlevel 114) [universal-darwin9.0]
Rails 1.2.6
-- F
===
<% form_tag :controller => :people, :action => :assign_building, :id =>
@person do %>
<% buildings = Building.find(:all, :order => ‘facility_location,
building’).collect { |b| [ b.building, b.id ] } -%>
<% bldg_opts = options_for_select(buildings, @person.building_id)
-%>
<%= select_tag :building_id, bldg_opts %>
<%= submit_tag “Set” %>
<% end -%>
Partial log when ssl_required is in effect:
Processing PeopleController#assign_building (for at 2008-12-11
13:11:50) [GET]
Session ID: 31c980c882ed498eaed93fcb08916d63
Parameters: {“action”=>“assign_building”, “id”=>“5”,
“controller”=>“people”}