From 66ff9c7a2f409da0c77f840b5e864a3b3b083b52 Mon Sep 17 00:00:00 2001
From: bruckwubete
Date: Wed, 15 Aug 2018 11:45:37 -0400
Subject: [PATCH] fix force ssl logic for lb configuration
---
 app/controllers/application_controller.rb | 8 ++++++++
 config/environments/production.rb | 3 ---
 2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 85efb169..3ba6c29f 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -24,6 +24,9 @@ class ApplicationController < ActionController::Base
 before_action :migration_error?
 before_action :set_locale
 
+ # Force SSL for loadbalancer configurations.
+ before_filter :redirect_to_https
+
 protect_from_forgery with: :exception
 
 MEETING_NAME_LIMIT = 90
@@ -88,4 +91,9 @@ class ApplicationController < ActionController::Base
 moderator_message: "#{invite_msg}\n\n#{request.base_url + room_path(@room)}",
 }
 end
+
+
+ def redirect_to_https
+ redirect_to :protocol => "https://" if ( loadbalanced_configuration? and request.headers["X-Forwarded-Proto"] == "http")
+ end
 end
diff --git a/config/environments/production.rb b/config/environments/production.rb
index 374565c4..f3b7cc2c 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -44,9 +44,6 @@ Rails.application.configure do
 # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
 config.force_ssl = (ENV["ENABLE_SSL"] == "true")
 
- # Force SSL for loadbalancer configurations.
- config.force_ssl = true if ENV["LOADBALANCER_ENDPOINT"].present? && ENV["LOADBALANCER_SECRET"].present?
-
 # Use the lowest log level to ensure availability of diagnostic information
 # when problems arise.
 config.log_level = :debug
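Review bot: The added callback is registered with `before_filter`, while the two callbacks directly above it in this hunk use `before_action`; `before_filter` was deprecated in Rails 5.0 and removed in 5.1, so the line should read `before_action :redirect_to_https` to stay consistent and survive an upgrade (the Rails version is not visible here). It is also registered after `migration_error?` and `set_locale`, so both run on the plaintext request before any redirect; if the HTTPS redirect is meant to be the first gate, move it above them. The class body continues outside this hunk.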
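Review bot: `redirect_to_https` redirects only when `X-Forwarded-Proto` is exactly `"http"`, so a request that arrives with the header missing or in another form is served without a redirect; that is safe only if the load balancer always overwrites the header, and the method should say so in a comment such as `# Relies on the LB overwriting X-Forwarded-Proto; requests without it are not redirected.` The `config.force_ssl = true` line this replaces (removed in config/environments/production.rb) also turned on Strict-Transport-Security and secure cookies according to the comment beside it, and this filter provides neither, so load-balanced deployments without `ENABLE_SSL=true` appear to lose both. Prefer `&&` to `and` and drop the padded parentheses: `redirect_to protocol: "https://" if loadbalanced_configuration? && request.headers["X-Forwarded-Proto"] == "http"`. Whether the method falls under a `private` section is not visible in the hunk; if it does not, it is a public controller method and should be made private.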