最近刚刚将一个项目设置为HTTP与HTTPS共存,在这过程中对Rails的配置项force_ssl有了更深的理解。
force_ssl是什么
force_ssl是什么呢?我们可以从以下三段Rails Guide中提及的force_ssl配置项信息中找到答案:
config.force_ssl forces all requests to be served over HTTPS by using the ActionDispatch::SSL middleware, and sets config.action_mailer.default_url_options to be { protocol: ‘https’ }. This can be configured by setting config.ssl_options - see the ActionDispatch::SSL documentation for details.
config.force_ssl通过使用中间件ActionDispatch::SSL使所有请求转为HTTPS,同时将config.action_mailer.default_url_options配置为{ protocol: ‘https’ }。这一项可以通过设置config.ssl_options来进行配置。详见ActionDispatch::SSL相关文档。
ActionDispatch::SSL forces every request to be served using HTTPS. Enabled if config.force_ssl is set to true. Options passed to this can be configured by setting config.ssl_options.
ActionDispatch::SSL将所有请求转为HTTPS,可以通过将config.