[typo] /admin in https

Linda Derezinski linda at innovatesolutions.com
Thu Sep 21 16:37:18 EDT 2006


In my case we turned the entire site into https, so that solved my problem.

(Did I mention that I'm not a sysadmin :)
where is the flaw in this logic?
Add proxy pass for /admin /accounts in the *:80 record to the https urls.
Add the X_FORWARDED_PROTO to the :443 record.

My thought is that if rails produces a /admin or /accounts url with http
then the proxypasses will convert it to https.

Unless your point is that once in https there is no way to return to http?
So you would end up putting proxypasses in https to point /articles etc to
http.


-Linda



On 9/21/06 4:23 PM, "Scott Laird" <scott at sigkill.org> wrote:

> That's part of the issue, but it'd be nice if *every* link to /admin
> (or /accounts) used https while non-authenticated links still use
> http.  That's a bit harder to do from Apache.
> 
> 
> Scott
> 
> On 9/21/06, Linda Derezinski <linda at innovatesolutions.com> wrote:
>> Scott,
>> 
>> I believe that the rails team has already done this for you  :)
>> 
>> In the the httpd.conf in your <VirtualHost *:443> record add this
>> 
>> RequestHeader set X_FORWARDED_PROTO "https"
>> 
>> Then all of your url_for() will correctly render https or http depending on
>> the RequestHeader parameter
>> 
>> I'm not a sys admin ... Nor do I play on on TV... This is where I learned
>> about this little gem.  (Also I should mention that we are running apache 2/
>> Mongrel Rails)
>> 
>> http://www.planetrubyonrails.org/show/feed/60
>> 
>> -Linda Derezinski
>> 
>> 
>> 
>> On 9/21/06 10:25 AM, "Scott Laird" <scott at sigkill.org> wrote:
>> 
>>> On 9/21/06, Beber <beber at meleeweb.net> wrote:
>>>> Trejkaz <trejkaz at trypticon.org>
>>>> 
>>>>> On Wednesday 20 September 2006 21:10, Beber wrote:
>>>>>> Hi,
>>>>>> 
>>>>>> Is there a way to make the /admin into https and everything else in http
>>>>>> ?
>>>>> 
>>>>> I do this on the Apache side using redirects, but it isn't pretty.
>>>> 
>>>> I tried that and with ProxyPass setting and it only fails. Could you
>>>> paste me your redirection ?
>>> 
>>> Sooner or later I'd like to make this a config option--if it's set,
>>> then Typo generates all /admin URLs with https://.  That'd probably be
>>> easier.  Feel free to submit a patch :-).
>>> 
>>> 
>>> Scott
>>> _______________________________________________
>>> Typo-list mailing list
>>> Typo-list at rubyforge.org
>>> http://rubyforge.org/mailman/listinfo/typo-list
>> 
>> 
>> 




More information about the Typo-list mailing list