Ruby on Rails

Hi Fred,
Tried it, though no change. I'm thinking the issue may be more
fundamental, hope it proves me wrong!

My xhr POST is actually being sent as an HTTP POST request, I send it
from Javascript client as XMLHTTPRequest. The first problem is: I should
not send login/password plain text before SSL channel is setup. The
question becomes how do I set up SSL before that? Am I getting too
confused here?

Secondly, I'm not using Rails' url/path helpers as Javascript client can
not understand those. My communication with Rails is over xhr's hence my
post with login/password. Therefore, I think Rails will fail with
redirects (in the SSL_requirement plugin) even if I send in HTTPs
protocol. Is that right? Hope that's not the case, what do you think?

Thanks,

Frederick Cheung wrote in post #971864:
> On Jan 2, 2:32am, "Mustafa C." <li...@ruby-forum.com> wrote:
>
>>
>> Below is my HTTPS server block at nginx:
>> server {
>> listen 443;
>> server_name www.mysite.com;
>> proxy_set_header X_FORWARDED_PROTO https;
>
> It looks like rails thinks your https post was an http one, and it's
> probably because this proxy_set_header is getting ignored: the docs
> for nginx say "proxy_set_header directives issued at higher levels are
> only inherited when no proxy_set_header directives have been issued at
> a given level". Try sticking this in the location block instead.
>
> Fred

--
Posted via http://www.ruby-forum.com/.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.