Monday, May 2, 2016

Why does redirecting from HTTPS to HTTP fail in this Rails 4 app (OpenShift)?


When the user is on HTTP, I can successfully redirect him to an HTTPS (SSL) variant like so:

redirect_to(protocol: 'https://', domain: 'ssl.tld')

However, when I want to do the reverse, it creates an infinite redirection loop. I've tried several variants. To mention some:

redirect_to(protocol: 'http://', domain: 'nonssl.tld')

redirect_to "http://nonssl.tld#{request.fullpath}"

The loop, according to the log:

000.000.000.000 - - [21/Apr/2016:18:50:04 -0100] "GET /en HTTP/1.1" 302 887 "https://ssl.tld/en/users/sign_in" "= THE_USER_AGENT_HERE"

Whereas https://ssl.tld/en/users/sign_in apparently is the referrer/the current page before redirection.

I wonder why the GET shows a path as opposed to a URL - especially given that redirect_to "http://nonssl.tld#{request.fullpath}" should explicitly be considered an absolute URL, according to the docs.


UPDATE: Here is the relevant part from the application_controller's before_action:

# Controllers for which SSL is not mandatory
exceptions = ['errors', 'subscriptions', 'users']
ssl_is_mandatory = !exceptions.include?(controller_name)
currently_on_ssl = request.ssl?

if currently_on_ssl
  # On SSL: anonymous visitors on non-mandatory controllers go back to plain HTTP
  if !current_user && !ssl_is_mandatory
    logger.debug "#{__method__}: Visitor currently on SSL, but SSL not desired. Redirecting to non_ssl"
    redirect_to "http://my.domain#{request.fullpath}"
  end
else
  # Not on SSL: signed-in users and mandatory controllers go to HTTPS
  if current_user || ssl_is_mandatory
    logger.debug "#{__method__}: Currently on no-SSL, but user in session or SSL mandatory. Redirecting to ssl"
    redirect_to(protocol: 'https://', domain: 'my.ssldomain')
  end
end

0 Answers
