When the user is on HTTP, I can successfully redirect him to the HTTPS (SSL) variant like this:
redirect_to { protocol: 'https://', domain: 'ssl.tld' }
However, when I want to do the reverse, it creates an infinite redirect loop. I have tried several variants. To mention a few:
redirect_to { protocol: 'http://', domain: 'nonssl.tld' }
redirect_to "http://nonssl.tld#{request.fullpath}"
The loop, according to the log:
000.000.000.000 - - [21/Apr/2016:18:50:04 -0100] "GET /en HTTP/1.1" 302 887 "https://ssl.tld/en/users/sign_in" "= THE_USER_AGENT_HERE"
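https://ssl.tld/en/users/sign_in is obviously the referrer/current page before the redirect.
I wonder why the GET shows a path rather than a URL - especially since, according to the documentation, redirect_to "http://nonssl.tld#{request.fullpath}" should clearly be treated as an absolute URL.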
Update: here is the relevant part of the application_controller's before_action:
exceptions = ['errors', 'subscriptions', 'users']
ssl_is_mandatory = ! exceptions.include?(controller_name)
currently_on_ssl = request.ssl?
if currently_on_ssl
  if !current_user && !ssl_is_mandatory
    logger.debug "#{__method__}: Visitor currently on SSL, but SSL not desired. Redirecting to non_ssl"
    redirect_to "http://my.domain#{request.fullpath}"
  end
else
  if current_user || ssl_is_mandatory
    logger.debug "#{__method__}: Currently on no-SSL, but user in session or SSL mandatory. Redirecting to ssl"
    redirect_to { protocol: 'https://', domain: 'my.ssldomain' }
  end
end
Update: as requested by Marc in the comments, here are the request headers:
Request headers for the SSL domain
# curl -s -I https://SSL.tld
HTTP/1.1 302 Found
Date: Mon, 02 May 2016 23:33:34 GMT
Server: Apache/2.2.15 (Red Hat)
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache
X-Request-Id: 8d182c5e-cec6-46c0-b845-eafe2d313fe2
X-Runtime: 0.005948
X-Powered-By: Phusion Passenger 4.0.18
Location: https://SSL.tld/en
Content-Length: 895
Status: 302 Found
Content-Type: text/html; charset=utf-8
Set-Cookie: GEAR=local-554148915973ca816300021b; path=/
# curl -s -I https://SSL.tld/en
HTTP/1.1 200 OK
Date: Mon, 02 May 2016 23:33:52 GMT
Server: Apache/2.2.15 (Red Hat)
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
ETag: "acf44db83201e4da25659ab8545936b3"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 671d9407-0cdd-4401-9537-abff660e1b18
X-Runtime: 0.078496
X-Powered-By: Phusion Passenger 4.0.18
Content-Length: 10964
Status: 200 OK
Content-Type: text/html; charset=utf-8
Cache-control: private
Set-Cookie: GEAR=local-554148915973ca816300021b; path=/
Vary: Accept-Encoding
Request headers for the NONSSL domain
# curl -s -I http://NONSSL.tld
HTTP/1.1 302 Found
Date: Mon, 02 May 2016 23:34:16 GMT
Server: Apache/2.2.15 (Red Hat)
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache
X-Request-Id: 9f7b4341-0489-48fa-b15d-b45f787db690
X-Runtime: 0.007811
X-Powered-By: Phusion Passenger 4.0.18
Location: http://NONSSL.tld/en
Content-Length: 873
Status: 302 Found
Content-Type: text/html; charset=utf-8
Set-Cookie: GEAR=local-554148915973ca816300021b; path=/
# curl -s -I http://NONSSL.tld/en
HTTP/1.1 200 OK
Date: Mon, 02 May 2016 23:34:47 GMT
Server: Apache/2.2.15 (Red Hat)
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
ETag: "05294c86e7f806ebf2e90c5f52fd7497"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 25a0ac8c-6cba-4a83-9a15-b95474436a3e
X-Runtime: 0.290131
X-Powered-By: Phusion Passenger 4.0.18
Content-Length: 10877
Status: 200 OK
Content-Type: text/html; charset=utf-8
Cache-control: private
Set-Cookie: GEAR=local-554148915973ca816300021b; path=/
Vary: Accept-Encoding
Update
I have further simplified the redirect code in the application_controller's before_action:
def debug_toggle_ssl
  if params[:x].eql?('yes')
    redirect_to "http://NONSSL.tld#{request.fullpath}"
  end
end
Now, to reproduce the problem: