Hi Pete,
I don’t think it’s necessary to require SSL in development, so even if enabling
SSL by default in production environments is a good idea (which I’m not
convinced is necessary), I think requiring it in development is overkill, and
makes the path to getting started on an app more complicated.
I do think there’s value in setting production pages to be SSL by default, but
I don’t have a grasp of what percentage of folks are building apps that don’t
require HTTPS.
- Geoff
On Monday, July 28, 2014 at 9:33 AM, Pete wrote:
> If we apply the logic "specify as much as possible on the highest level
> possible", then config.force_ssl = true should also set SSL for ActionMailer
> (and its url helpers), meaning application-wide and by default).
>
> The following requirement should then be a thing of the past:
>
> # development.rb config.action_mailer.default_url_options = {
> protocol: 'https',
> host: '0.0.0.0:3000' } # production.rb
> config.action_mailer.default_url_options = {
> protocol: 'https',
> host: 'mydomain.com (http://mydomain.com)' }
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ruby on Rails: Core" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected]
> (mailto:[email protected]).
> To post to this group, send email to [email protected]
> (mailto:[email protected]).
> Visit this group at http://groups.google.com/group/rubyonrails-core.
> For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Core" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/rubyonrails-core.
For more options, visit https://groups.google.com/d/optout.
