您在开发中如何处理 SSL?

发布于 2024-08-19 00:48:19 字数 537 浏览 6 评论 0原文

我有一个应用程序,它的一些路由与 ssl_requirement 插件一起使用。它已部署并且在生产中运行良好。

问题是如何在开发中最好地处理这个问题,因为目前我只是简单地修改 routes.rb 来删除 :requirements 键,显然这不是很方便或优雅:

map.resource :session, :controller => 'session',
                       :only => [:new, :create, :destroy],
                       :requirements => { :protocol => 'https' }

理想情况下,我希望能够在 Mongrel 上运行开发中的应用程序的安全部分,而无需进行任何更改。我怎样才能实现这个目标?我使用的是 Mac OS X。

I have an application that uses HTTPS for some of its routes in conjunction with the ssl_requirement plugin. It's deployed and is working fine in production.

The question is how best to handle this in development, because at the moment I'm simply hacking my routes.rb to remove the :requirements key and obviously that's not very convenient or elegant:

map.resource :session, :controller => 'session',
                       :only => [:new, :create, :destroy],
                       :requirements => { :protocol => 'https' }

Ideally I'd like to be able to run the secure parts of my application in development on Mongrel without any changes. How can I achieve this? I'm using Mac OS X.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

北凤男飞 2024-08-26 00:48:19

不用担心开发中的 SSL

对于开发环境,IMO,您不需要运行 SSL。不值得花费时间或麻烦,尤其是当越来越多的人加入团队时。关于您的路由,我只需在开发环境中将协议保留为 http

protocol = Rails.env.development? ? "http" : "https"

map.resource :session, :controller => 'session',
                       :only => [:new, :create, :destroy],
                       :requirements => { :protocol => protocol }

现在,您需要测试 SSL 集成的位置位于您的 上临时环境——在部署到生产环境之前部署到的位置。这是您想要准确复制生产环境的地方。您的开发环境不需要以同样的方式与您的生产环境相匹配。

Don't worry about SSL in development

For a development environment, IMO, you don't need to run SSL. It's not worth the time or hassle, especially as more people join the team. With regards to your routes, I would simply keep the protocol as http in the development environment:

protocol = Rails.env.development? ? "http" : "https"

map.resource :session, :controller => 'session',
                       :only => [:new, :create, :destroy],
                       :requirements => { :protocol => protocol }

Now, where you do need to test your SSL integration is on your staging environment -- the place where you deploy to just prior to deploying to production. This is where you want to accurately replicate your production environment. Your development environment does not need to match your production environment in this same way.

青芜 2024-08-26 00:48:19

随着您的 Rails 应用程序变得越来越复杂,并且您想要使用 SSL 等高级功能,您最好的选择是切换到与您的生产环境更匹配的开发环境。这将允许您创建自己的 SSL 证书并以反映用户使用应用程序的方式进行测试。

我建议迁移到与生产中使用的相同的网络服务器,您提到的是 apache/passenger。

在相关问题中...您如何使用 ssl 管理您的测试环境?为此,我目前正在像您一样修改我的路线。有更好的办法吗?

As your rails apps get more complicated and you want to use advanced features like SSL your best bet is to switch to a development environment which more closely matches your production environment. This will allow you to create your own SSL certs and test in a way which will mirror the way your users will use your application.

I suggest moving to the same webserver as you use in production, which you've mentioned is apache/passenger.

In a related question... how do you manage your test environment with ssl? For this I'm currently hacking up my routes as you're doing. Is there a better way?

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文