Hi Fred,
You're right, I fixed the SSL setup issue now.
Now.. While I am on https://mysite.com/, I send the XMLHttpRequest to
Rails SessionsController. I added a 'before_filter: require_ssl' to it,
so it should redirect to https.
def require_ssl
redirect_to :protocol => "https://";
end
It gives me the same error as it did with SSL requirement before:
"Redirected to https://mysite.com/sessions Filter chain halted as
[:require_ssl] rendered_or_redirected."
Login works on https:// if I comment out the before filter. Why is it
failing on https when the require_ssl is on? I checked, it request.ssl?
is true, so the browser sends an SSL. It's got something to do with the
redirection. A better understanding of redirect_to can help here. Any
views?
Fred, regarding posts across redirects that you mention, what do you
suggest? One option is to switch the page to HTTPS before sending the
login/password; is there any other way? I need SSL for the login
initially, so will it work if I switch back to HTTP after login is done?
Regards
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
