Hi Fred, Tried it, though no change. I'm thinking the issue may be more fundamental, hope it proves me wrong!
My xhr POST is actually being sent as an HTTP POST request, I send it from Javascript client as XMLHTTPRequest. The first problem is: I should not send login/password plain text before SSL channel is setup. The question becomes how do I set up SSL before that? Am I getting too confused here? Secondly, I'm not using Rails' url/path helpers as Javascript client can not understand those. My communication with Rails is over xhr's hence my post with login/password. Therefore, I think Rails will fail with redirects (in the SSL_requirement plugin) even if I send in HTTPs protocol. Is that right? Hope that's not the case, what do you think? Thanks, Frederick Cheung wrote in post #971864: > On Jan 2, 2:32am, "Mustafa C." <[email protected]> wrote: > >> >> Below is my HTTPS server block at nginx: >> server { >> listen 443; >> server_name www.mysite.com; >> proxy_set_header X_FORWARDED_PROTO https; > > It looks like rails thinks your https post was an http one, and it's > probably because this proxy_set_header is getting ignored: the docs > for nginx say "proxy_set_header directives issued at higher levels are > only inherited when no proxy_set_header directives have been issued at > a given level". Try sticking this in the location block instead. > > Fred -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
