diff options
author | Matt Jankowski <mjankowski@thoughtbot.com> | 2017-04-23 20:44:05 -0400 |
---|---|---|
committer | Eugen <eugen@zeonfederated.com> | 2017-04-24 02:44:05 +0200 |
commit | a0dd90a397648efafd5b2ff3383c1894ad5acac6 (patch) | |
tree | 6aac865e5b7153082d75c2070b6fe404b9821caf | |
parent | 1e2a5dded749649c3e8fe9e6dc6be5d516cca35a (diff) |
Return force_ssl to the controller (#2380)
-rw-r--r-- | app/controllers/application_controller.rb | 6 | ||||
-rw-r--r-- | config/environments/production.rb | 8 |
2 files changed, 6 insertions, 8 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index ad2be71ee..291895457 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -5,6 +5,8 @@ class ApplicationController < ActionController::Base # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception + force_ssl if: :https_enabled? + include Localized helper_method :current_account @@ -24,6 +26,10 @@ class ApplicationController < ActionController::Base private + def https_enabled? + Rails.env.production? && ENV['LOCAL_HTTPS'] == 'true' + end + def store_current_location store_location_for(:user, request.url) end diff --git a/config/environments/production.rb b/config/environments/production.rb index 80933eda9..fde69dc70 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -35,14 +35,6 @@ Rails.application.configure do # Allow to specify public IP of reverse proxy if it's needed config.action_dispatch.trusted_proxies = [IPAddr.new(ENV['TRUSTED_PROXY_IP'])] unless ENV['TRUSTED_PROXY_IP'].blank? - # When LOCAL_HTTPS is set, force traffic over SSL - config.force_ssl = (ENV['LOCAL_HTTPS'] == 'true') - - # When ENABLE_HSTS is also set, turn on Strict-Transport-Security - config.ssl_options = { - hsts: (ENV['ENABLE_HSTS'] == 'true') - } - # By default, use the lowest log level to ensure availability of diagnostic information # when problems arise. config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info').to_sym |