diff options
| author | Eugen Rochko <eugen@zeonfederated.com> | 2016-08-18 17:48:57 +0200 |
|---|---|---|
| committer | Eugen Rochko <eugen@zeonfederated.com> | 2016-08-18 17:48:57 +0200 |
| commit | 8459acd1234e9efcbf106e3eaa00ca871717d386 (patch) | |
| tree | 48a67110262328e11db1dfb995a034b427e785c8 | |
| parent | 6426819b6f7af0eff516340ca24d7f8af1cc6397 (diff) | |
Fix for force SSL issue with websockets
| -rw-r--r-- | app/controllers/application_controller.rb | 2 | ||||
| -rw-r--r-- | config/environments/production.rb | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index b10fa977e..91f76d311 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -3,6 +3,8 @@ class ApplicationController < ActionController::Base # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception + force_ssl if: "ENV['LOCAL_HTTPS'] == 'true'" + # Profiling before_action do if (current_user && current_user.admin?) || Rails.env == 'development' diff --git a/config/environments/production.rb b/config/environments/production.rb index 4c4ed760c..09b77654f 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -32,7 +32,7 @@ Rails.application.configure do # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - config.force_ssl = ENV['LOCAL_HTTPS'] == 'true' + config.force_ssl = false # Use the lowest log level to ensure availability of diagnostic information # when problems arise. |