My site is working with https protocol. When I am creating a link in an email. It is creating a link with http protocol. My other links are being created correctly but link with created in rufuse scheduler's schedule is getting http. How can I fix this issue?
Thanks in advance.
You can use the :protocol option in a link_to (which I'm assuming you are using).
<%= link_to "Click here", root_url(:protocol => "https") %>
Related
I have an existing asp application which is running from a long time and many clients used to post the from Form Post or Ajax post with different technologies (e.g. .Php, .Asp, .Aspx). now we are planning to upgrade the asp application to MVC5. As URL’s are modified and existing URL’s are not available they are getting 404 error.
Can anyone know how to route the URL from asp to MVC. Below is my example
http://bbbbbb.com/test/test/mytest.asp
to
http://newsite.com/mycontoller/myaction
This may not be the answer you are looking for, but we use permanent redirection. Just replace the code in http://bbbbbb.com/test/test/mytest.asp with:
<%
Response.Status = "301 Moved Permanently"
Response.AddHeader "Location", "http://newsite.com/mycontoller/myaction"
%>
I'm storing photos using aws s3 and I get a chrome warning saying some of the content on the site isn't secure. In the dev console I see:
The page at https://domain.herokuapp.com/users/1/ displayed insecure content
from http://s3.amazonaws.com/domain/photos/user_thumbnail/casing-earphones.jpg?1365720318.
The amazon link isn't https how can I fix this my apps access to the entire bucket?
Following the setup instructions here: https://devcenter.heroku.com/articles/paperclip-s3
I have the following code I guess i need to add a URL option somewhere somehow:(config/environment/production.rb)
config.paperclip_defaults = {
:storage => :s3,
:s3_credentials => {
:bucket => ENV['AWS_BUCKET'],
:access_key_id => ENV['AWS_ACCESS_KEY_ID'],
:secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
}
}
I needed to add this line:
:s3_protocol => 'https'
It's not mentioned in the setup instructions but paperclip s3 configuration options can be found here: http://rdoc.info/github/thoughtbot/paperclip/Paperclip/Storage/S3
You may be able to just add the s to the http URL and have it work fine. If that works, then fix the link to refer to https instead of http.
If that doesn't work, you may need to contact Amazon customer service. As long as you have links to http pages from an https connection you and your users will get that message. More importantly however, you open your users up to XSS, CSRF, and MitM attacks.
I am planning to create an app in rails but first I want to make a launch page. Having never made a launch page I am curious as to how others are doing it?
Do you creae a small rails application with controller and model that just collects email addresses? and then deploy the rails app? I'd prefer this way but it seems like an overkill to deploy a rails app just for a launch page...?
Also, how do you modify the routes file so that if users type anything after the url then only page that shows up is the laungh page.
Meaning, if my launch page is at http://mycoollaunchpage.com then if users mess around and type http://mycoollaunchpage.com/lkjlkjljk then it should redirect back to http://mycoollaunchpage.com
Your idea sounds good. Just a page with an email signup form would work well.
To redirect back to your home page, make a route glob in your routes.rb file, and have an action in your controller that just redirects back to your root.
# in routes.rb
match "*whatever", :controller => 'pages', :action => 'redirect_to_root'
# in your pages_controller.rb file
def redirect_to_root
redirect_to "/"
end
There is an awesome rails plugin available for this very requirement of yours ;)
https://github.com/vinsol/Launching-Soon/
I am working on a rails 3 application which use subdomains. I used railscasts #221 "Subdomains in rails 3" (http://railscasts.com/episodes/221-subdomains-in-rails-3) as a guide and everything goes well, except in Explorer.
To keep my session across all the subdomains I put the next line in session_store.rb as the tutorial says:
MyApp.application.config.session_store :cookie_store, :key => '_myapp_session', :domain => "example.com"
I have tested my app on Firefox and Chrome and it works well, but for some reason is not working at all in Internet Explorer. The behavior is strange because sometimes it seems the session is share across all my subdomains, but some others there are some subdomains where I am logged in and other sudomains where I am not logged in.
I can't find any reason for this and I would appreciate any idea...
I am using Devise for authentication with rails 3.0.5
I believe you'll need to change your domain value to .example.com (the leading dot indicates that the cookie can be used across subdomains):
MyApp.application.config.session_store :cookie_store, :key => '_myapp_session', :domain => ".example.com"
For some reason this did not work (rails 3.2.11) for any session data that was set on a subdomain. It took a piece of custom Middleware to fix it. A summary of that solution is below.
tl;dr: You need to write a custom Rack Middleware. You need add it into your conifg/environments/[production|development].rb. This is on Rails 3.2.11
Cookie sessions are usually stored only for your top level domain.
If you look in Chrome -> Settings -> Show advanced settings… -> Privacy/Content settings… -> All cookies and site data… -> Search {yourdomain.com} You can see that there will be separate entries for sub1.yourdomain.com and othersub.yourdomain.com and yourdomain.com
The challenge is to use the same session store file across all subdomains.
Step 1: Add Custom Middleware Class
This is where Rack Middleware comes in. Some relevant rack & rails resources:
Railscasts about Rack
Railsguide for Rack
Rack documentation for sesssions abstractly and for cookie sessions
Here is a custom class that you should add in the lib
This was written by #Nader and you all should thank him
# Custom Domain Cookie
#
# Set the cookie domain to the custom domain if it's present
class CustomDomainCookie
def initialize(app, default_domain)
#app = app
#default_domain = default_domain
end
def call(env)
host = env["HTTP_HOST"].split(':').first
env["rack.session.options"][:domain] = custom_domain?(host) ? ".#{host}" : "#{#default_domain}"
#app.call(env)
end
def custom_domain?(host)
host !~ /#{#default_domain.sub(/^\./, '')}/i
end
end
Basically what this does is that it will map all of your cookie session data back onto the exact same cookie file that is equal to your root domain.
Step 2: Add To Rails Config
Now that you have a custom class in lib, make sure are autoloading it. If that meant nothing to you, look here: Rails 3 autoload
The first thing is to make sure that you are system-wide using a cookie store. In config/application.rb we tell Rails to use a cookie store.
# We use a cookie_store for session data
config.session_store :cookie_store,
:key => '_yourappsession',
:domain => :all
The reason this is here is mentioned here is because of the :domain => :all line. There are other people that have suggested to specify :domain => ".yourdomain.com" instead of :domain => :all. For some reason this did not work for me and I needed the custom Middleware class as described above.
Then in your config/environments/production.rb add:
config.middleware.use "CustomDomainCookie", ".yourdomain.com"
Note that the preceding dot is necessary. See "sub-domain cookies, sent in a parent domain request?" for why.
Then in your config/environments/development.rb add:
config.middleware.use "CustomDomainCookie", ".lvh.me"
The lvh.me trick maps onto localhost. It's awesome. See this Railscast about subdomains and this note for more info.
Hopefully that should do it. I honestly am not entirely sure why the process is this convoluted, as I feel cross subdomain sites are common. If anyone has any further insights into the reasons behind each of these steps, please enlighten us in the comments.
I am using Ruby 1.8.7 and Rails 3.0.3.
When I upload a file I get following error:
ActionController::InvalidAuthenticityToken
I tried adding followings to my model file:
protect_from_forgery :only => [:create, :update, :destroy]
skip_before_filter :verify_authenticity_token
How to solve it?
Check the HTML in your form and ensure that there's an element like <input name="authenticity_token" type="hidden" value="some_long_random_string" />.
If you're not using rails' form helpers or you're bypassing them with javascript somehow, you're not going to get that token in the request. That leaves you to choose between disabling the forgery protection or fixing your forms.
I just had this problem and fixed it by ensuring that <%= csrf_meta_tag %> is included wherever an html head section is defined.
This problem arose for me when I started using custom layouts and accidentally forgot to include that token.
If you define the html head section in the view itself, the csrf meta tag needs to be included there to.