Passenger,nginx and SSL(http redirect to https)

参见配置SSL

Nginx + https + 免费SSL证书配置指南

但是配置完后，rails中的request.ssl? 永远返回false

Passenger 3 implements this feature with a new directive passenger_set_cgi_param which behaves like proxy_set_header.

For example, to pass SSL variables to Rack, you could do this:

server {
  listen 443 default ssl;

  # other SSL stuff goes here
  # other passenger stuff here

  passenger_set_cgi_param  X_FORWARDED_PROTO       https;
  passenger_set_cgi_param  X-SSL-Raw-Cert          $ssl_client_raw_cert;
  passenger_set_cgi_param  X-SSL-Cert              $ssl_client_cert;
  passenger_set_cgi_param  X-SSL-Client-S-DN       $ssl_client_s_dn;
  passenger_set_cgi_param  X-SSL-Client-I-DN       $ssl_client_i_dn;
  passenger_set_cgi_param  X-SSL-Client-Verify     $ssl_client_verify;
}

然后重写Rack::Request.scheme方法：

module Rack
  class Request
    def scheme
          if self.headers['X_FORWARDED_PROTO'].eql?("https")
            'https'
          elsif @env['HTTPS'] == 'on'
            'https'
          elsif @env['HTTP_X_FORWARDED_SSL'] == 'on'
            'https'
          elsif @env['HTTP_X_FORWARDED_PROTO']
            @env['HTTP_X_FORWARDED_PROTO'].split(',')[0]
          else
            @env["rack.url_scheme"]
          end
        end
  end
end

在ApplicationController中添加代码

class ApplicationController < ActionController::Base
  before_filter :redirect_to_https
  def redirect_to_https
    unless(request.ssl?)
      redirect_to :protocol=>"https://"
      return
    end
  end
end

此时的request.ssl?就生效了