Hello,
My client does not want to purchase a ssl cert, rather they want to
use their host''s (westhost.com) shared ssl cert. To access the site
through shared ssl under their setup you have to use the url:
https://ssl4.westhost.com/yourdomain.com/path/to/controller
As you can see, these makes havoc rain down on the url.
But, I googled around and came up with a good solution I thought, that
is something similar to a subdomain redirect:
http://www.railsonwave.com/railsonwave/2007/7/10/howto-put-a-controller-under-a-ssl-subdomain
(my code is below)
I modified the above code to give me a nice url when I need ssl. And
it works, except it goes into an endless redirection loop.
I think the problem is that not only is the domain changing, but also
the base of the url which must really screw rails up.
So, is there a way to do something like this or do I just need to lay
down the law with the client and buy an ssl cert?
Thank You,
kyle
code from application.rb
#rewrite the url to redirect to the westhost ssl server when needed
#see config/environment.rb to set which controllers need ssl
def url_for(options = {}, *parameters_for_method_reference)
tmp_result = super((options.is_a?(Hash) ?
options.merge({:only_path => false}) : options),
parameters_for_method_reference)
if not (tmp_result =~ Regexp.new(request.host)).nil?
url_to_go = dispatch_ssl(tmp_result)
end
super((url_to_go.nil? ? tmp_result : url_to_go),
parameters_for_method_reference)
end
NOTE: SECURE_DOMAIN is set in environment.rb to be:
ssl4.westhost.com/mydomain.com/
#called by url_for, thus makes the proper ssl domain
def dispatch_ssl(tmp_result = request.request_uri)
domain = SECURE_DOMAIN.blank? ? "" : SECURE_DOMAIN +
"."
# need secure is a function that simply check if this path need
to be put under SSL
if need_secure?(tmp_result)
if request.protocol == ''http://''
url_to_go = "https://#{domain}" + tmp_result
end
else
if request.protocol == ''https://''
host = request.host.gsub(Regexp.new(subdomain),"")
url_to_go = ''http://'' + host + tmp_result
end
end
return url_to_go
end
#used by dispatch_ssl, checks the config/environments.rb set
SECURE_MODE
#to see if the uri really does need ssl or not
def need_secure?(uri)
SECURE_MODE.each{ |s|
a = (uri =~ s)
return true unless a.nil?
}
return false;
end
#we put this magic into a before_filter of a controller
#which will check if they need ssl and aren''t using it
#and then send them marily on their way to ssl bliss.
#we hope!
def ssl_required
if not (redir = dispatch_ssl.to_s).blank?
redirect_to(redir) and return false
end
end
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---