Strange ssl_requirement plugin issues

I’m having problems with the ssl_requirement plugin. I’m moving my
app from one server to another. Both servers have the same versions
of ruby and rails, and the code and ssl certificates on the two
servers are identical. When a user hits the “checkout” button, he/she
issues a POST request for the checkout_1 action. When things are
working, the server then uses GET to render the template (at least,
that’s what it looks like it’s doing). This is where the issue
happens.

The working server renders the template/layout. The misbehaving
server redirects to the same page over and over until it gives up.
The good version looks like this:

Rendering within layouts/store
Rendering store/checkout_1
Completed in 0.29177 (3 reqs/sec) | Rendering: 0.26901 (92%) | DB:
0.02111 (7%) | 200 OK [https://74.86.134.210/store/checkout_1]

The malfunctioning server looks like this:

Redirected to https://74.86.228.171/store/checkout_1
Filter chain halted as
[#<ActionController::Filters::ClassMethods::SymbolFilter:0xb770a58c
@filter=:ensure_proper_protocol>] returned false.
Completed in 0.00024 (4236 reqs/sec) | DB: 0.00000 (0%) | 302 Found
[http://74.86.228.171/store/checkout_1]
(repeat ad nauseam)

If I go directly to the https:// address, I get the same problem.
However, if I’m at the home page and add an ‘s’ to the ‘http’, it
encrypts. On the working version, it redirects to a non-encrypted
‘http’ home page.

So, it looks like the ssl_requirement plugin is acting up. For the
checkout_1 action, I have an :ssl_required declaration in the
controller. I also have the ‘include SslRequirement’ in my
application controller. But, like I said, the code is identical for
the two apps. That’s what I can’t figure out.

Does this infinite loop look familiar or dangerously suspicious to
anybody? I’d appreciate any help or suggestions, and I’ll supply any
more information that could be helpful. The hosting tech support has
looked at the problem and is as stumped as I am. They said that the
Apache configs were the same, too, for what it’s worth.

Thank you!

-Kyle

On Nov 27, 2007 11:06 PM, Kyle [email protected] wrote:

> server redirects to the same page over and over until it gives up.

Are the two setups using the same web servers/proxies? I ran into a similar
problem a while ago because a server wasn’t passing along the necessary
headers to indicate whether a request was SSL or not.

James.


James S.
Web D. and Consultant

The tech assures me that all servers, settings, etc. are the same.

“Please note that both the servers are using the Apache web server
with same configuration. We have compared the vhost entries also. Also
we made sure that both are having the same version on the rails and
ruby.”

I tried re-installing the app by building it on the server and only
uploading code files. I installed the ssl_requirement plugin on the
server as well. Same issue. Bizarre.

-Kyle

This code snippet from the ssl_requirement.rb plugin shows me where
things are breaking down, but not exactly why.

-----CODE-----
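def ensure_proper_protocol
  return true if ssl_allowed?

  # Action requires SSL but the request is not seen as SSL: redirect to https.
  if ssl_required? && !request.ssl?
    redirect_to "https://" + request.host + request.request_uri
    return false
  # Request is seen as SSL but the action does not require it: redirect to http.
  elsif request.ssl? && !ssl_required?
    redirect_to "http://" + request.host + request.request_uri
    return false
  end
end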
-----CODE-----

By looking at the first ‘if’, and based on the symptoms that I’m
experiencing, it seems that rails isn’t able to interpret my request
as SSL after redirecting to ‘https://host/uri’. I don’t think that
the ssl_required is getting messed up, so it would have to be the
second part (!request.ssl?). Of course, a request for resources at
https anything should be considered by rails to be SSL, right? Since
that isn’t being interpreted correctly, the ensure_proper_protocol
method keeps redirecting to https://host/uri until it dies.

Does this help anybody sniff out a configuration issue somewhere?

Thanks again!

-Kyle
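
Added example, not part of the original thread and not the plugin's own code: a self-contained Ruby simulation of the redirect loop discussed above and of the missing-header cause James describes. It assumes Apache terminates TLS and proxies plain HTTP to Mongrel, and that the backend derives ssl? from the HTTPS variable or the X-Forwarded-Proto header, as Rails of that era did; FakeRequest, backend, proxy, follow and the shop.example URL are hypothetical names.

```ruby
# Added illustration; FakeRequest, backend, proxy and follow are hypothetical.
# Assumption: the front-end proxy terminates TLS, so the backend only learns
# the original scheme if the proxy forwards it in a request header.

FakeRequest = Struct.new(:env, :host, :request_uri) do
  # The same test Rails of that era used for request.ssl?
  def ssl?
    env['HTTPS'] == 'on' || env['HTTP_X_FORWARDED_PROTO'] == 'https'
  end
end

# The plugin's filter reduced to a function (ssl_allowed? left out).
# Returns [status, redirect_location].
def backend(request, ssl_required)
  if ssl_required && !request.ssl?
    [302, "https://#{request.host}#{request.request_uri}"]
  elsif request.ssl? && !ssl_required
    [302, "http://#{request.host}#{request.request_uri}"]
  else
    [200, nil]
  end
end

# Front-end proxy: the client's scheme is lost unless the vhost forwards it.
def proxy(url, forward_proto)
  scheme, rest = url.split('://', 2)
  host, path = rest.split('/', 2)
  env = {}
  env['HTTP_X_FORWARDED_PROTO'] = scheme if forward_proto
  FakeRequest.new(env, host, "/#{path}")
end

# Follow redirects the way a browser does, giving up after max_hops.
def follow(url, ssl_required:, forward_proto:, max_hops: 10)
  hops = 0
  loop do
    status, location = backend(proxy(url, forward_proto), ssl_required)
    return { status: status, url: url, hops: hops } if status == 200
    hops += 1
    return { status: :redirect_loop, url: location, hops: hops } if hops >= max_hops
    url = location
  end
end

if __FILE__ == $PROGRAM_NAME
  start = 'http://shop.example/store/checkout_1' # constructed URL
  p follow(start, ssl_required: true, forward_proto: false) # never settles
  p follow(start, ssl_required: true, forward_proto: true)  # one redirect, then 200
end
```

With Apache in front of Mongrel, the header is typically supplied in the SSL vhost with mod_headers (for example `RequestHeader set X_FORWARDED_PROTO 'https'`); whether the linked hosting post uses that exact directive is an assumption. The proxy should set the header itself rather than pass through a client-supplied value, since the backend trusts it to decide whether the connection was encrypted.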

OK, finally I found this post:

http://www.hostingrails.com/forums/everything_else_thread/420

It’s from my hosting company, and I’m using mongrel as they describe.
The issue seems to be in an Apache Vhost setting. Is there a quick
fix that would make a request to https:// pass the request.ssl? test?
I sent tech support the urls of all encrypted pages on my server, but
I’d much rather just be able to get SslRequirement working so that I
can add/modify these settings myself.

Thanks!

-Kyle

Hey,
I am facing the same problem. I used the link above
http://www.hostingrails.com/forums/everything_else_thread/420
but it still does not work. In the apache logs I see that the mongrel
is in the error start
and in the mongrel logs I see ensure_proper_protocol returned false.
A similar issue you mentioned above.
How did you resolve that finally? Any suggestions … I have spent a couple
of days on this…
Let me know.

Thanks

Dhaval