diff options
author | Joshua Peek <josh@joshpeek.com> | 2011-03-30 21:04:33 -0500 |
---|---|---|
committer | Joshua Peek <josh@joshpeek.com> | 2011-03-30 21:04:33 -0500 |
commit | 56a5da89dbcdd6d73f26f5c1be6221b684574b2b (patch) | |
tree | 577fbc16d37ed54bbda1a2a7477894caa6a7bfff /railties/guides/source/action_controller_overview.textile | |
parent | 5df076ad0965dc684afff8a019fd9f92a53ada76 (diff) | |
parent | 58c3ec1b7b7ee073edf9c245de5d06426be60a25 (diff) | |
download | rails-56a5da89dbcdd6d73f26f5c1be6221b684574b2b.tar.gz rails-56a5da89dbcdd6d73f26f5c1be6221b684574b2b.tar.bz2 rails-56a5da89dbcdd6d73f26f5c1be6221b684574b2b.zip |
Merge branch 'master' into sprockets
Conflicts:
railties/lib/rails/application/configuration.rb
Diffstat (limited to 'railties/guides/source/action_controller_overview.textile')
-rw-r--r-- | railties/guides/source/action_controller_overview.textile | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/railties/guides/source/action_controller_overview.textile b/railties/guides/source/action_controller_overview.textile index ecb03a48e4..178d98c2d6 100644 --- a/railties/guides/source/action_controller_overview.textile +++ b/railties/guides/source/action_controller_overview.textile @@ -816,6 +816,28 @@ end NOTE: Certain exceptions are only rescuable from the +ApplicationController+ class, as they are raised before the controller gets initialized and the action gets executed. See Pratik Naik's "article":http://m.onkey.org/2008/7/20/rescue-from-dispatching on the subject for more information. +h3. Force HTTPS protocol + +Sometime you might want to force a particular controller to only be accessible via an HTTPS protocol for security reason. Since Rails 3.1 you can now use +force_ssl+ method in your controller to enforce that: + +<ruby> +class DinnerController + force_ssl +end +</ruby> + +Just like the filter, you could also passing +:only+ and +:except+ to enforce the secure connection only to specific actions + +<ruby> +class DinnerController + force_ssl :only => :cheeseburger + # or + force_ssl :except => :cheeseburger +end +</ruby> + +Please note that if you found yourself adding +force_ssl+ to many controllers, you may found yourself wanting to force the whole application to use HTTPS instead. In that case, you can set the +config.force_ssl+ in your environment file. + h3. Changelog * February 17, 2009: Yet another proofread by Xavier Noria. |