This plugin lets you specify which actions *must* be run under ssl
(https). If a declared action is run without ssl, the user is redirect
to https. Also, once you declare an action to "require_ssl", any links
to that action are going to be https:// links.
The one main thing that this plugin adds to DHH's ssl_requirement
plugin is the automatic https:// links to secure actions when using
link_to, etc.
The idea was really this: Redirecting a user to a secure version of
the site if that action is declared "secure" is an ok solution, but it
is really a failsace. If you are posting to an action with your login/
password and you post it to http://, then being redirected to https://
is kind of meaningless since your credentials were transmitted in the
clear once.
With this plugin, you can declare your secure actions in one place,
and are assured that any forms, links, etc to those actions are going
to be https://