Agile Web Development

Build it. Launch it. Love it.

Links

Secure Actions

Categories

Ready-made Rails code

Secure Actions

This plugin lets you declare which actions you want to be accessed via https.

If you declare an action to be ssl_required, then if it is accessed without ssl, it is redirected to https://

Also, any links to these actions will automatically be https:// links.

Vitals

Home http://ianwarshak.com
Repository http://github.com/iwarshak/secure_actions
License Rails' (MIT)
Tags Tag_red ssl
Rating (3 votes)
Owner Ian Warshak
Created 26 January 2007

Comments

  • Avatar
    Scott
    11 April 2007

    I don't if this the right place to report this but I found a small bug in the plugin's code.

    The bug arises when a http request is redirected to https with the 'ensure_proper_protocol' method. Any params sent to with the http request are lost in the redirect to https.

    This is an easy fix:

    def ensure_proper_protocol

    if !request.ssl? && USE_SSL && ssl_required?
  params[:protocol] = 'https://'
  redirect_to params
  return false
end
return true

    end

Add a comment