Ruby on Rails

> Have you looked at this page?
> http://stackoverflow.com/questions/1662262/rails-redirect-with-https
>
> Walter

Hi Walter,
Thanks. I had seen it; it made sense to revisit it at this point.
However, it still doesn't cure my problem. I put in the below code:
def require_ssl
if request.ssl?
return true
else
redirect_to :protocol => "https://"
end

And at http://mysite.com ; when I attempt a login, I get following:
Processing SessionsController#create [POST]
Parameters: {"action"=>"create", "controller"=>"sessions",
"login"=>"my_user", "password"=>"[FILTERED]"}
Redirected to https://mysite.com/sessions
Filter chain halted as [:require_ssl] rendered_or_redirected.

It behaves similarly with the following path as well:
redirect_to :protocol => "https://", :controller => "home", :action =>
"index".

I am not clear how redirect_to works. Rails code says "It redirects the
browser to the target specified in +options+". My client is Javascript,
how does it ask the browser to redirect, so I can handle that? There
seems to be a lower level retry mechanism, which doesn't reach up to
Javascript??

Regarding my second question above, ie. messy redirects, I'm thinking it
should normally be pretty straight-forward to switch to HTTPS at the
browser and send the XHR while in HTTPS. But changing back to HTTP will
be a pain, all the magic of Ajax will be lost if I reload the entire
page.

This looks like an uphill battle... I'm sure this has been done before
using Rails + Javascript.

--
Posted via http://www.ruby-forum.com/.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.