Hello everyone
rails3.2 ruby 1.9.3 nginx 1.5 passenger 4
I’m using force_ssl in a controller on our site, and certain actions within that controller.
force_ssl :only => [:show, :list, :toilet]
This works great, I can go to the site via http, no problems, and when I click on the link responding to the controller the https kicks in, and is also active on the other actions specified within that controller.
The issue I’m getting is after using that controller, which forces https, clicking on any other links within that site still uses https.
That’s not what I imagined to happen, and may cause an issue.
Is the browser caching the https traffic and assuming to use it again?
Is there any way around this?
Any help, greatly appreciated.
V
Ok, I’ve worked out what’s happening.
When you’re on the page that has been forced to be ssl, then all of your links that use /something will now pick up the https.
So all my main navigation links are pointing to https
I can’t change them as the site won’t work in development then or on any testing and staging servers.
um, this is a right pain in the arse.
Anyone know a way around it?
How are you generating the URLs for the links?
If you are using something like this:
projects_path
You can change it to this, which will generate a fully qualified URL (with host and protocol):
projects_url
And to explicitly break out of HTTPS, you can do the following:
project_url(:protocol => :http)
Hi Tim
They are navigation links in a global template set, haml.
%li.events
%a{ :href => “/events”,:title =>“Events” }
Events
I think I’m stuffed.
Even if I created a subset of the navigation set just for this section using full URLS, I’m still stuffed in development or any of the other testing servers with different URLs.
Any other ideas?
Tim, thanks for the help, worked a treat.