[英]Rails SSL issue: (https://example.com) didn't match request.base_url (http://example.com)
I just installed an SSL certificate on my site.我刚刚在我的网站上安装了 SSL 证书。 Unfortunately it has broken the login functionality.不幸的是,它破坏了登录功能。 After submitting the login form on the site it just redirects to the home page.在网站上提交登录表单后,它只会重定向到主页。 Checking the rails log shows this error:检查 rails 日志显示此错误:
(https://example.com) didn't match request.base_url (http://example.com)
Here is my virtualhosts file.这是我的虚拟主机文件。 I guess I need to force SSL somehow?我想我需要以某种方式强制 SSL?
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin hello@example.com
ServerName example.com
ServerAlias www.example.com
SSLEngine on
SSLCertificateFile /home/user/sharetribe/lib/certificates/www_example_com.crt
SSLCertificateKeyFile /home/user/sharetribe/lib/certificates/example.com.key
SSLCertificateChainFile /home/user/sharetribe/lib/certificates/www_example_com.ca-bundle
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>
Just run in to the same error.只是遇到同样的错误。 In config/environments/production.rb
make sure you have set:在config/environments/production.rb
确保您已设置:
config.force_ssl = true
While not strictly related to this issue, after setting this setting you will need to ensure that your reverse proxy (if you have one) is set up to forward the protocol used to rails by sending the X-Forwarded-Proto
header from the proxy to rails.虽然与此问题没有严格相关,但在设置此设置后,您需要确保您的反向代理(如果有)通过将X-Forwarded-Proto
标头从代理发送到导轨。 The way this is done depends on which reverse proxy you use (Apache, nginx, etc) and how you have configured it so it's best you look up the specific documentation for the reverse proxy you are using.完成此操作的方式取决于您使用的反向代理(Apache、nginx 等)以及您如何配置它,因此最好查找您正在使用的反向代理的特定文档。
As rails application server is running behind webserver which is SSL enabled.由于 Rails 应用程序服务器在启用 SSL 的网络服务器后面运行。 But the application server is not aware of it and continue with HTTP protocol.但是应用服务器并没有意识到它并继续使用 HTTP 协议。 Due to which request.base_url
gives HTTP URL.由于request.base_url
给出了 HTTP URL。
To let the application server know that SSL is enabled and used the https protocol, you need explicitly tell application server.要让应用服务器知道 SSL 已启用并使用 https 协议,您需要明确告诉应用服务器。
In the Nginx web server, I have used,在 Nginx 网络服务器中,我使用过,
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Ssl on;
For Apache web server, need to find similar settings.对于 Apache Web 服务器,需要找到类似的设置。
I think using config.force_ssl = true
can solve a problem but not properly since this config, change all HTTP request into HTTPS.我认为使用config.force_ssl = true
可以解决问题,但由于此配置无法正确解决,将所有 HTTP 请求更改为 HTTPS。 Means if someone requests with HTTP it will redirect to HTTPS.意味着如果有人使用 HTTP 请求,它将重定向到 HTTPS。 config.force_ssl = true
will not work in case of API's were you were sending URLs to the client side. config.force_ssl = true
在 API 的情况下将不起作用,您将 URL 发送到客户端。
I had a similar issue while using Cloudflare's Flexible SSL.我在使用 Cloudflare 的灵活 SSL 时遇到了类似的问题。 I changed it to Full, and activated SSL on my Heroku server.我将其更改为 Full,并在 Heroku 服务器上激活 SSL。
Found the solution here: http://til.obiefernandez.com/posts/875a2a69af-cloudflare-flexible-ssl-mode-breaks-rails-5-csrf在这里找到解决方案: http : //til.obiefernandez.com/posts/875a2a69af-cloudflare-flexible-ssl-mode-breaks-rails-5-csrf
就我而言,我将application_controller.rb文件class ApplicationController < ActionController::Base
以下行更改为class ApplicationController < ActionController::API
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.