ruby-on-rails – Rails redirect_to是从https(正确)重定向到htt
发布时间:2020-12-17 01:31:54 所属栏目:百科 来源:网络整理
导读:在我的Rails 4应用程序中,我有一个before_action要求用户登录,如下所示: class ApplicationController ActionController::Base protect_from_forgery with: :exception before_action :require_login def require_login unless logged_in? flash[:alert] =
|
在我的Rails 4应用程序中,我有一个before_action要求用户登录,如下所示:
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :require_login
def require_login
unless logged_in?
flash[:alert] = "You must be logged in to access this section."
redirect_to login_path
end
end
def logged_in?
# more logic
end
end
当我在没有登录的情况下访问example.com时,我会按预期重定向到example.com/login.但是,我在控制台中看到此错误: The page at 'https://example.com/login' was loaded over HTTPS,but displayed insecure content from 'http://example.com/login': this content should also be loaded over HTTPS. 网络选项卡似乎表明我的redirect_to指向HTTP而不是HTTPS.当它到达HTTP时,它会自动重定向到HTTPS. Request URL:http://example.com/login Request Method:GET Status Code:301 Moved Permanently # In the response headers: Location:https://example.com/login 有没有办法告诉redirect_to它应该使用HHTPS而不是HTTP,或者这是一个nginx配置?我认为使用login_path而不是login_url会解决问题,因为它应该是相对于基础的,但这似乎不起作用. 更新: 我还想过使用force_ssl,但担心我正在用锤子敲针.如果我弄错了,请随意纠正我. 解决方法
使用
#force_ssl:
class ApplicationController < ActionController::Base
force_ssl # use HTTPS for all actions
protect_from_forgery with: :exception
before_action :require_login
def require_login
unless logged_in?
flash[:alert] = "You must be logged in to access this section."
redirect_to login_path
end
end
def logged_in?
# more logic
end
end
(编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |