Comments on: SSL checklist for Rails Applications http://darthsid.com/blog/2010/03/29/ssl-checklist-for-rails-applications/ "Powered by The Dark Side" Tue, 06 Apr 2010 08:38:40 +0000 hourly 1 http://wordpress.org/?v=3.1.2 By: Sid http://darthsid.com/blog/2010/03/29/ssl-checklist-for-rails-applications/comment-page-1/#comment-27 Sid Tue, 06 Apr 2010 08:38:40 +0000 http://darthsid.com/blog/?p=126#comment-27 Thanks for the info. That is a cleaner approach. I'll update the post. Thanks for the info. That is a cleaner approach. I’ll update the post.

]]> By: Jonathan Julian http://darthsid.com/blog/2010/03/29/ssl-checklist-for-rails-applications/comment-page-1/#comment-26 Jonathan Julian Fri, 02 Apr 2010 13:56:11 +0000 http://darthsid.com/blog/?p=126#comment-26 There's no need to test Rails.env.production? in your controllers. Just write all your code assuming it's production code, then add SslRequirement.disable_ssl_check = true into development.rb. It also helps to be running a local apache/passenger with a dummy SSL cert and both SSL and non-SSL virtual hosts configured. There’s no need to test Rails.env.production? in your controllers. Just write all your code assuming it’s production code, then add SslRequirement.disable_ssl_check = true into development.rb.

It also helps to be running a local apache/passenger with a dummy SSL cert and both SSL and non-SSL virtual hosts configured.

]]>