从http://example.com重定向到https://example.mysite.com

本文介绍了从http://example.com重定向到https://example.mysite.com的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

这个问题已经以各种排列方式提出，但是我还没有找到正确的组合来回答我的特定问题。

配置

Rails 3.1（允许我在 ApplicationController中使用 force_ssl

托管在Heroku Cedar上（所以我无法触及中间件）

我的SSL证书已注册为 secure.example.com

我已经添加了 force_ssl 到我的ApplicationController，如下所示：

＃file：controllers / application_controller.rb
class ApplicationController< ActionController :: Base
protect_from_forgery
force_ssl
end

问题

目前，如果用户导航到 http://example.com ，则force_ssl会切换到SSL，但自它不是 secure.example.com ，它显示了一个有关未经验证的安全证书的警告，因为它使用默认的Heroku证书。

（我已验证，导航到 http://secure.example.com 正确重定向到 https：//secure.example。）

问题

并使用适当的安全证书。 >如何强制 http://www.example.com/anything 和 http://example.com/anything 重定向到 http://secure.example.com/anything ？（我假设force_ssl将处理从http到https的切换。）由于我无法触及中间件（回想起这是Heroku托管），我假设我可以这样做：
＃file：controllers / application_controller.rb
class ApplicationController< ActionController :: Base
protect_from_forgery
force_ssl
before_filter：force_secure_subdomain
$ b private b $ b def force_secure_subdomain
redirect_to（something ...）除非请求。 SSL？
结束
结束

...但是我没有充分地获取redirect_to和请求对象知道要为写些什么...... 。（我想确保它能处理查询参数等）。 通过执行以下操作，您可以重定向到不同的主机名以下内容：

＃file：controllers / application_controller.rb
class ApplicationController< ActionController :: Base
force_ssl：host => secure.example.com
end

请参阅：了解更多信息

This question has been asked in various permutations, but I haven't found the right combination that answers my particular question.
The configuration
Rails 3.1 (allowing me to use force_ssl in my ApplicationController)
Hosted on Heroku Cedar (so I can't touch the middleware)
My SSL certs are registered for secure.example.com
I've already added force_ssl to my ApplicationController, like this:
# file: controllers/application_controller.rb class ApplicationController < ActionController::Base protect_from_forgery force_ssl end
The problem
Currently, if a user navigates to http://example.com, force_ssl switches to SSL, but since it's NOT secure.example.com, it presents a warning about an unverified security cert because it's using the default Heroku cert.
(I've verified that navigating to http://secure.example.com properly redirects to https://secure.example.com and uses the proper security cert. That's good.)
The question
How do I force http://www.example.com/anything and http://example.com/anything to redirect to http://secure.example.com/anything? (I'm assuming that force_ssl will handle the switch from http to https.) Since I cannot touch the middleware (recall that this is Heroku hosting), I assume I can do something like:
# file: controllers/application_controller.rb class ApplicationController < ActionController::Base protect_from_forgery force_ssl before_filter :force_secure_subdomain private def force_secure_subdomain redirect_to(something...) unless request.ssl? end end
... but I haven't sufficiently grokked redirect_to and the request object to know what to write for something.... (I want to be sure that it handles query params, etc.)
解决方案
you can redirect to a different hostname by doing the following:
# file: controllers/application_controller.rb class ApplicationController < ActionController::Base force_ssl :host => "secure.example.com" end
see: rails force_ssl source for more info

这篇关于从http://example.com重定向到https://example.mysite.com的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！