开发模式下的密码保护 Mongrel
我有一个客户担心有人可能会发现我们开发服务器的 IP 并试图在我们发布新功能之前窃取它们。 (因为我们有外部链接和嵌入,所以可以在测试时进行回溯)。我一直在寻找一种仅在开发模式下使用密码保护服务器的方法(我不想在每次部署之前都更改代码)。我正在考虑通过控制器进行超级基本身份验证,例如:
if RAILS_ENV == "development"
collect = require_password #some action or method or something here... Figure it out later...
if collect != "foobar"
redirect_to "http://www.google.com"
end
end
我觉得这是一种奇怪的愚蠢方式,但是,这并不是我们需要史诗般的安全性,只是为了让那些可能在开发模式下偶然发现网站的人感到困惑。
I have a client who is concerned that someone may discover the IP of our development server and attempt to steal new features before we release them. (Because we have external links and embeds, it is possible to track back while testing). I was looking for a way to password protect the server ONLY in development mode (I don't want to have to change code before every deployment). I was thinking of doing super basic authentication through a controller like:
if RAILS_ENV == "development"
collect = require_password #some action or method or something here... Figure it out later...
if collect != "foobar"
redirect_to "http://www.google.com"
end
end
I feel like this is an oddly stupid way of doing this, however, it's not like we need epic security, just something to fumble people who might stumble across the site in development mode.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
在您的控制器中添加以下行
before_filter 的代码如下所示
In your controller add the following lines
The code for before_filter looks like this