如何强制Rails仅使用SSL上的TLS?
[英]How can I force Rails to only use TLS over SSL?
问题描述
We are being forced to only use TLS instead of SSL when sending a request to a server, but we don't know how to make sure that the request is being sent using TLS, and if it's not, we're not sure how to force Rails to do it. 
我们被迫在向服务器发送请求时仅使用TLS而不是SSL,但我们不知道如何确保使用TLS发送请求,如果不是,我们不确定如何强迫Rails做到这一点。
Here is how we are sending the request: 以下是我们发送请求的方式:
uri = URI.parse("https://someurl.com")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(uri.path)
request.body = body
http.request(request)
1 个解决方案
解决方案1
1 2015-04-15 09:21:10
尝试添加
http.ssl_options = OpenSSL::SSL::OP_NO_SSLv2 + OpenSSL::SSL::OP_NO_SSLv3 + OpenSSL::SSL::OP_NO_COMPRESSION
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
在 Rails 3 和 ActionMailer 中,是否可以通过 SSL(不是 StartTLS)使用 TLS 发送 email? - In Rails 3 and ActionMailer, is it possible to send email using TLS over SSL (Not StartTLS)?
Rails +设计如何不强制SSL? - Rails + Devise how not to force SSL?
如何强制Rails缓存不逃脱? - How can I force Rails cache to not escape?
Ruby on Rails Thin和force_ssl,通过HTTP的空响应 - Ruby on Rails Thin and force_ssl, empty response over HTTP
如何将 puma 配置为仅允许强 TLS 密码? - How can I configure puma to only allow strong TLS ciphers?
如何设置 ActionMailer 使用 TLS 连接所需的 SSL 协议? - How do I set the SSL protocol needed for ActionMailer to use a TLS connection?
如何将TinyMCE组件与SSL配合使用? - How can I use TinyMCE components with SSL?
如何在葡萄中使用force_ssl? - How to use force_ssl with grape?
如何将force_ssl与302一起使用 - How to use force_ssl with a 302
如何使用Rails通过HTTP强制使用安全cookie - How to force a secure cookie over HTTP with Rails
相关标签