My entire app is https, no http.
If add the following to any of the views
I get a "edit user" linked to
https://localhost:3000/user/2/edit
But when I place the same line in a mailer view the email contains
http://localhost:3000/user/2/edit
Notice the "http" instead of "https"??
Using
rails 3.0.5 and ruby 1.8.7
I believe that you have to put in your config/environments/production.rb:
config.action_mailer.default_url_options = {:protocol => 'https'}
Editing my config/environments/development file with
host = "hostaddress.io"
config.action_mailer.default_url_options = { host: host, protocol: 'https' }
worked for me on Rails 4.2.2.
Related
I have a rails app that I have deployed to AWS Elastic Beanstalk. The app uses devise to handle user authentication, and its set to be able to invite users.
My issue is that when I try to invite a user, I get the following error:
Net::SMTPFatalError (554 secureserver.net ESMTP No Relay Access Allowed From <my_eb_assigned_ip>
(I am hosting the domain on GoDaddy).
In development, the mailer functionality works fine; my smtp settings are set to (common to all environments):
ActionMailer::Base.delivery_method = :smtp
ActionMailer::Base.smtp_settings = {
:address => "smtpout.secureserver.net",
:port => 80,
:domain => "www.my_domain.com",
:authentication => :plain,
:user_name => "do-not-reply#my_domain.com",
:password => my_pass,
}
And in my production.rb config file:
config.action_mailer.default_url_options = { :host => 'aws_sb.elasticbeanstalk.com' }
Is there another setting I have to enable in Elasticbeanstalk to allow relay access? Or am I missing a production specific setting from my rails configuration?
I figured out it was the port value that I was setting....when I switched the port to 25, it works in production. However, for development, port 25 wasn't working; it would only work in dev when the port was 80.
So I ended up moving the entire smtp mailer settings into the environment specific settings (from the config/environment.rb file), and setting the production port to 25, and the development port to 80, and that appeared to make both environments work.
Edit: After another push, I was seeing the same issue, and none of the ports I tried were resolving the issue. So I ended up switching all my mail functionality to be sent through Amazon SES, and that appears to be functioning great so far.
Rails 3.2.12, ruby 1.9.3
We allow users to specify the company they are with using a subdomain, like mycompany.example.com, but we redirect to the canonical example.com and need to remember that the user is from mycompany.
We have our environment set up so the config.session_store contains :domain => 'example.com (an alternative that also works is :domain => :all, :tld_length => 2) and this is supposed to work to allow sharing of session information between subdomains. There are a number of great posts, such as this one: Share session (cookies) between subdomains in Rails?
But before the redirect I am sending session.inspect to the log, and it's clearly getting a different session (two separate session ids, etc.). So the most basic issue is that I cannot use the session to remember the mycompany part before I strip it off.
I can work around that, but there are a number of cases where the same user will be from multiple companies (and part of this is our support team who needs to be able to switch companies).
I have tried this on Chrome and Safari on OS X. I am using "pow" so my local development environment has a domain like example.dev which helps rule out several issues (vs. normal localhost:3000 server).
Am I missing something? Is it indeed possible to share a cookie across domains?
UPDATE:
Example code called in a before_filter defined in ApplicationController:
def redirect_to_canonical_if_needed
logger.debug "Starting before_filter. session contains: #{session}"
if request.host != 'example.com'
session[:original_domain] = "Originally came from #{request.host}"
logger.debug "Redirecting, session contains: #{session}"
redirect_to 'http://example.com', :status => :moved_permanently
end
end
Setting added to config/environments/production.rb and removed from config/initializers/session_store.rb
config.session_store = { :key => 'example_session', :secret => "secret", :domain => :all, :tld_length => 2 }
or
config.session_store = { :key => 'example_session', :secret => "secret", :domain => 'example.com' }
And logging result, if I start from a fresh environment where no session exists going to the url a.example.com:
Starting before_filter, session contains: {}
Redirecting, session contains: {"session_id"=>"4de9b56fb540f7295cd3192cef07ba63", "original_domain"=>"a.example.com"}
Filter chain halted as :redirect_to_canonical_if_needed rendered or redirected
Completed 301 Moved Permanently in 2294ms (ActiveRecord: 855.7ms)
Started GET "/" for 123.456.789.123 at 2013-07-12 09:41:12 -0400
Processing by HomeController#index as HTML
Parameters: {}
Starting before_filter, session contains: {}
So the before filter fires on each new request. First request there's no session, hence the "not loaded" message. The test for need to redirect is true. I put something in the session and it gets an id and what I put in it. I do the redirect. New request occurs on the root domain, before filter fires again, and here's the issue: session is not initialized
This should work fine between the two I have setup the following on my dev
Application is at example.dev
I view and set a session variable at a.example.dev then visit b.example.dev and it is set as long as when (as you describe) you set domain to 'example.dev' for the session store
This code in my root controller/action does exactly what your describing
unless request.subdomain.to_s == 'another'
session[:original_domain] = request.subdomain.to_s
redirect_to 'http://another.' + request.domain.to_s
end
And viewing original_domain is available in the session
If you put the example code in I can have a look for any pitfalls
I'm using Mandrill to build a feedback form for users on the website (they fill the form and send me an e-mail).
I want to test the e-mail functionality in development. I use unicorn as a server and my local address is 0.0.0:8080
However I get a 500 server error, Net::SMTPServerBusy : Relay Access Denied
I followed the Heroku instructions step by step.
Here is m application.rb configuration:
config.action_mailer.smtp_settings = {
:address => 'smtp.mandrillapp.com',
:port => '587',
:domain => 'heroku.com',
:user_name => ENV['MANDRILL_USERNAME'],
:password => ENV['MANDRILL_APIKEY']
}
ActionMailer::Base.delivery_method = :smtp
I followed the instructions on mandrill/heroku web page to set up.
I have a .env file set up with a MANDRILL_USERNAME and my MANDRILL_APIKEY
Here is my ActionMailer file:
class FeedbackMailer < ActionMailer::Base
default :from => ""
default :to => "xxx#stanford.edu"
default :subject => "feedback about xxx"
def send_feedback(message)
#debugger
#message = message
mail(:from => message[:sender_email])
end
end
Any help would be appreciated.
I can confirm e-mails get sent in production.
If all of your settings are working in production but not locally, there are a couple of possibilities:
How are you loading the variables from .env to ENV? It's possible the environment variables aren't getting loaded as expected locally. If you hard code the credentials locally, does it work?
You could be running in to an issue with the port or outbound SMTP traffic being blocked. Consider trying port 2525, as it may be less likely to be blocked by local ISPs. Port 465 with SSL enabled may also work even if your ISP is blocking other SMTP traffic
When I update my Rails gems I find this errors (only in production, in development environment working good):
Curl::Err::SSLCACertificateError
Seems that is an SSL Certificate Authority Error, but why only in production is not working? And what can I do to resolve the problem?
My curb gems is v.0.8.3 with rails 3.2.8
(the mayor update was the rake, that now is v.10.0.2, but I don't know if this influence the good working of the curb gem).
FYI, this is the code that raise the error:
loginData = { :login => "myuser", :password => "mypass" }
loginJson = ActiveSupport::JSON.encode(loginData)
req = Curl::Easy.http_post("https://mysite.com", loginJson
) do |curl|
curl.headers['Content-type'] = 'application/json'
end
It sounds like you're using a self-signed SSL certificate on the server, which is fine. I do the same thing for internal services. You'll just want to make your client aware of the custom SSL certificate as well, that way it knows that it can be trusted.
Something like this should do the trick:
req = Curl::Easy.http_post("https://mysite.com", loginJson) do |curl|
curl.headers['Content-type'] = 'application/json'
curl.cacert = "/path/to/ca.crt"
curl.cert = "/path/to/cert.pem"
end
Of course, you'll probably want to extract these string constants into a config file.
I find an alternative solution, when I request a "curl" I put this additional propriety:
curl.ssl_verify_peer = false
I don't know if in term of security is the best solution, but for the moment it works...
I have a rake task that pulls and parses JSON data over an SSL connection from an external API.
I use a gem that wraps this external API and have no problems running locally, but the task fails when run on heroku with #<Curl::Err::SSLCaertBadFile: Curl::Err::SSLCaertBadFile>
I installed the piggyback SSL add-on, hoping it might fix it, but no dice.
Any ideas?
UPDATE
I managed to fix it by disabling ssl verification on the curl request previously set by the following two fields:
request.ssl_verify_peer
request.ssl_verify_host
I don't know enough about SSL to know exactly why the error was caused by these settings in a heroku environment or what the implications of disabling this are, aside from reduced security.
It is a bad idea to disable certificate checking. See http://www.rubyinside.com/how-to-cure-nethttps-risky-default-https-behavior-4010.html, http://jamesgolick.com/2011/2/15/verify-none..html and associated references for more on that topic.
The issue is that your HTTP client doesn't know where to find the CA certificates bundle on heroku.
You don't mention what client you are using, but here is an example for using net/https on heroku:
require "net/https"
require "uri"
root_ca_path = "/etc/ssl/certs"
url = URI.parse "https://example.com"
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = (url.scheme == "https")
if (File.directory?(root_ca_path) && http.use_ssl?)
http.ca_path = root_ca_path
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
http.verify_depth = 5
end
request = Net::HTTP::Get.new(url.path)
response = http.request(request)
Here is an example using Faraday:
Faraday.new "https://example.com", ssl: { ca_path: "/etc/ssl/certs" }
Good luck.