Ruby on rails 3 Rails:https://用于特定URL_Ruby On Rails 3_Ssl_Nginx

Ruby on rails 3 Rails:https://用于特定URL

ruby-on-rails-3 ssl nginx

Ruby on rails 3 Rails:https://用于特定URL,ruby-on-rails-3,ssl,nginx,Ruby On Rails 3,Ssl,Nginx,我正在开发一个电子商务网站。Nginx用作web服务器，unicorn用作应用服务器。在我的应用程序中，我只想为支付页面实现ssl，这意味着只针对特定的url。我试图在途中配置我的设备。我正在使用gem'rack-ssl-enforcer'。我在环境文件中给出的gem配置如下 config.middleware.use Rack::SslEnforcer, :redirect_to => 'https://demo.domain.com', # For when behind a

我正在开发一个电子商务网站。Nginx用作web服务器，unicorn用作应用服务器。在我的应用程序中，我只想为支付页面实现ssl，这意味着只针对特定的url。我试图在途中配置我的设备。我正在使用gem'rack-ssl-enforcer'。我在环境文件中给出的gem配置如下

config.middleware.use Rack::SslEnforcer,
 :redirect_to => 'https://demo.domain.com',    # For when behind a proxy, like nginx
 :only => [/^\/payment\//],                      # Force SSL on everything behind /admin   and /authors
 :strict => true

我按照下面给出的配置我的nginx。我提供了两个服务器块，一个用于公共http://，另一个用于ssl（https://）

upstream unicorn_domain {
 # This is the socket we configured in unicorn.rb
server unix:/home/ubuntu/root_path/tmp/sockets/unicorn.sock fail_timeout=30;
} 

server {
listen 80;
client_max_body_size 4G;
server_name demo.domain.com;

keepalive_timeout 5;

# Location of our static files
root /home/ubuntu/1DRecruit/root_path/public;
access_log /home/ubuntu/root_path/log/nginx/nginx.access.log;
location / {


  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header Host $http_host;
  proxy_redirect off;

  # If you don't find the filename in the static files
  # Then request it from the unicorn server
  if (!-f $request_filename) {
    proxy_pass http://unicorn_domain;
    break;
  }

  if ($request_uri ~* "\.(ico|css|js|gif|jpe?g|png)\?[0-9]+$") {
    expires max;
    break;
  }

}

}

 server {
    listen 443 ssl;
    client_max_body_size 4G;
    ssl                   on;
    ssl_certificate       /etc/nginx/ssl/example.com_chain.pem;
    ssl_certificate_key   /etc/nginx/ssl/example.com.key;
    ssl_protocols         SSLv3 TLSv1;
    ssl_ciphers           ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
    ssl_session_cache     shared:SSL:10m;


    keepalive_timeout 5;
# Location of our static files
    root /home/ubuntu/root_path/public;
   location / {
         proxy_set_header   X-Forwarded-Proto https;

}

}

在这样配置之后，nginx在重新启动时没有显示任何错误，当我们获取站点时，它正在正确加载。但是，当我们转到支付页面时，url将更改为https://，但它会显示，并且未找到nginx error404。获取nginx错误日志时，显示的错误为

[error] 2532#0: *1 open() "/home/ubuntu/root_path/public/payment/make_payment" failed (2: No such file or directory), client: 110.235.112.69, server: , request: "GET /payment/make_payment?id=9 HTTP/1.1", host: "demo.domain.com", referrer: "http://demo.domain.com/posters/home"

我正在使用startssl作为证书。我想不出这个问题。解决这个问题非常重要。在这个问题上有人能帮我吗

谢谢,，

关于

您可以尝试以下方法：

/app/middleware/force_ssl.rb

class ForceSSL
  def initialize(app)
    @app = app
  end

  def call(env)
    path = env["PATH_INFO"].to_s.squeeze("/")

    # only force ssl on billing related requests
    if path.match(/^\/installations\/\d+\/billing/) && env['HTTPS'] != 'on' && env['HTTP_X_FORWARDED_PROTO'] != 'https'
      req = Rack::Request.new(env)
      [301, { "Location" => req.url.gsub(/^http:/, "https:") }, []]
    elsif !path.match(/^\/installations\/\d+\/billing/) && !path.match(/^\/facebook\//) && (env['HTTPS'] == 'on' || env['HTTP_X_FORWARDED_PROTO'] == 'https')
      req = Rack::Request.new(env)
      [301, { "Location" => req.url.gsub(/^https:/, "http:") }, []]
    else
      @app.call(env)
    end
  end
end

我希望它对你有用。让我知道

谢谢您的重播。对不起……我不清楚。与您提到的reg exp混淆了。在我的情况下，我应该使用什么。你能建议任何与此相关的文档，或者根据我的场景再详细阐述一下吗。