Question

我想知道如何在rails 5 app中强制执行SSL。该应用程序在开发中运行良好。在生产中，一些通过rails admin通过SSL发出的POST请求不起作用。

如果通过production.rb强制执行SSL，则浏览器返回：

"ERR_TOO_MANY_REDIRECTS"

如果＆＃34; force_ssl＆＃34;设置为false，有些＆＃34; POST＆＃34;请求通过rails admin return：

HTTP Origin header (https://www.example.com) didn't match request.base_url (http://www.example.com)

提前致谢。

这些是应用设置：

production.rb

  # ...
  config.force_ssl = true
  # ...

nginx.conf

upstream puma {
  server unix:///home/bgc/apps/domain/shared/tmp/sockets/domain-puma.sock;
}

server {
  listen 80;
  listen 443 ssl;
  server_name domain.com;

  ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
  ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
  include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot 
  ssl_protocols TLSv1.2;
  ssl_prefer_server_ciphers on;
  ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;


  root /home/bgc/apps/domain/current/public;
  access_log /home/bgc/apps/domain/current/log/nginx.access.log;
  error_log /home/bgc/apps/domain/current/log/nginx.error.log info;


  location ^~ /assets/ {
    gzip_static on;
    expires max;
    add_header Cache-Control public;
  }

  try_files $uri/index.html $uri @puma;
  location @puma {
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_pass http://puma;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 10M;
  keepalive_timeout 10;
}

Answer 1

原因很简单。当您将Nginx服务器与ssl一起使用时，它已经为您整理了ssl。如果您从production.rb中删除config.force_ssl = true，它将被排序。

Rails 5，Nginx，Puma，Rails管理员 - ERR_TOO_MANY_REDIRECTS

1 个答案: