Rails - Jan 2007 - Secure Actions Plugin

Hi all,

This plugin lets you specify which actions *must* be run under ssl 
(https). If a declared action is run without ssl, the user is redirect 
to https. Also, once you declare an action to "require_ssl", any links
to that action are going to be https:// links.

http://svn.ianwarshak.com/plugins/secure_actions

Hopefully you all will find this useful.

Ian


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Looks good, thanks.  I''ll give this a try.

Question:  How is this different from the ssl_requirement plugin from 
DHH?  Is it based off it?  How have you improved/modified it?

On Jan 29, 5:00 am, "iwars...-/Ohng2Vv6ZDR7s880joybQ@public.gmane.org"
<iwars...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> Hi all,
>
> This plugin lets you specify which actions *must* be run under ssl
> (https). If a declared action is run without ssl, the user is redirect
> to https. Also, once you declare an action to "require_ssl", any
links
> to that action are going to be https:// links.
>
> http://svn.ianwarshak.com/plugins/secure_actions
>
> Hopefully you all will find this useful.
>
> Ian

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Thanks Marson,

The one main thing that this plugin adds to DHH''s ssl_requirement
plugin is the automatic https:// links to secure actions when using
link_to, etc.

The idea was really this: Redirecting a user to a secure version of
the site if that action is declared "secure" is an ok solution, but it
is really a failsace. If you are posting to an action with your login/
password and you post it to http://, then being redirected to https://
is kind of meaningless since your credentials were transmitted in the
clear once.

With this plugin, you can declare your secure actions in one place,
and are assured that any forms, links, etc to those actions are going
to be https://

Hope this helps
Ian


On Jan 29, 3:40 am, "mars...-8Qo2DTIsO68RmelmmXo44Q@public.gmane.org"
<mars...-8Qo2DTIsO68RmelmmXo44Q@public.gmane.org>
wrote:
> Looks good, thanks.  I''ll give this a try.
>
> Question:  How is this different from the ssl_requirement plugin from
> DHH?  Is it based off it?  How have you improved/modified it?
>
> On Jan 29, 5:00 am,
"iwars...-/Ohng2Vv6ZDR7s880joybQ@public.gmane.org"
<iwars...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> > Hi all,
>
> > This plugin lets you specify which actions *must* be run under ssl
> > (https). If a declared action is run without ssl, the user is redirect
> > to https. Also, once you declare an action to "require_ssl",
any links
> > to that action are going to be https:// links.
>
> >http://svn.ianwarshak.com/plugins/secure_actions
>
> > Hopefully you all will find this useful.
>
> > Ian

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---