diff options
| author | Prem Sichanugrist <s@sikachu.com> | 2011-03-27 23:55:46 +0700 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2011-03-27 13:27:23 -0700 |
| commit | 2c0c4d754e34b13379dfc53121a970c25fab5dae (patch) | |
| tree | a911462aeb8f1bd2e8df9d255708d074cfdf37ce /railties/lib/rails/generators | |
| parent | b2d94322e6f2c2324154465147938ca8b16c610d (diff) | |
| download | rails-2c0c4d754e34b13379dfc53121a970c25fab5dae.tar.gz rails-2c0c4d754e34b13379dfc53121a970c25fab5dae.tar.bz2 rails-2c0c4d754e34b13379dfc53121a970c25fab5dae.zip | |
Add `config.force_ssl` configuration which will load `Rack::SSL` middleware if set to true
This will allow user to be able to force all requests to be under HTTPS protocol.
This commit was a request from DHH. Special thanks to Josh Peek as well for making `Rack::SSL`.
Diffstat (limited to 'railties/lib/rails/generators')
| -rw-r--r-- | railties/lib/rails/generators/rails/app/templates/config/environments/development.rb.tt | 2 | ||||
| -rw-r--r-- | railties/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt | 18 |
2 files changed, 8 insertions, 12 deletions
diff --git a/railties/lib/rails/generators/rails/app/templates/config/environments/development.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/environments/development.rb.tt index 91d3133ea4..bdb897ad33 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/environments/development.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/environments/development.rb.tt @@ -3,7 +3,7 @@ # In the development environment your application's code is reloaded on # every request. This slows down response time but is perfect for development - # since you don't have to restart the webserver when you make code changes. + # since you don't have to restart the web server when you make code changes. config.cache_classes = false # Log error messages when you accidentally call methods on nil. diff --git a/railties/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt index 89bb891ddd..874cc403ba 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt @@ -1,7 +1,6 @@ <%= app_const %>.configure do # Settings specified here will take precedence over those in config/application.rb - # The production environment is meant for finished, "live" apps. # Code is not reloaded between requests config.cache_classes = true @@ -9,14 +8,15 @@ config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Specifies the header that your server uses for sending files - config.action_dispatch.x_sendfile_header = "X-Sendfile" + # Disable Rails's static asset server (Apache or nginx will already do this) + config.serve_static_assets = false - # For nginx: - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' + # Specifies the header that your server uses for sending files + # (comment out if your front-end server doesn't support this) + config.action_dispatch.x_sendfile_header = "X-Sendfile" # Use 'X-Accel-Redirect' for nginx - # If you have no front-end server that supports something like X-Sendfile, - # just comment this out and Rails will serve the files + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. + # config.force_ssl = true # See everything in the log (default is :info) # config.log_level = :debug @@ -27,10 +27,6 @@ # Use a different cache store in production # config.cache_store = :mem_cache_store - # Disable Rails's static asset server - # In production, Apache or nginx will already do this - config.serve_static_assets = false - # Enable serving of images, stylesheets, and javascripts from an asset server # config.action_controller.asset_host = "http://assets.example.com" |