Closed zspencer closed 11 months ago
@KellyAH - This may be a bit less of a stretch than you wanted; but it will give you experience digging into the Rails Routing
and Controller
layers. If you want to tackle it, just leave your face on and roll and tag me on PRs. If you don't just tell me "eh, no" and I'll pick it up :soon:
@KellyAH - When I tested this via the UI in production, the checkbox did not persist in between page-loads. I was able to confirm that when I updated the enforce_ssl
flag on the Piikup
space it does do the redirection tho!
@KellyAH - When I tested this via the UI in production, the checkbox did not persist in between page-loads. I was able to confirm that when I updated the
enforce_ssl
flag on thePiikup
space it does do the redirection tho!
I didn't have time to do much data collection; but I'm going to set up a production space and get a repro for ya.
OK never mind; clearly I must have not been paying enough attention because it was during the onboarding for Cafe Gabriela.
I have created a new space (https://sandbox.zinc.coop/spaces/sandbox/) that we can use for testing stuff in production with lower stakes tho!
crud! I just spun up local off latest master and it's getting SSL errors! It looks like /spaces pages are auto redirecting to https. Is your local throwing SSL errors too when loading any web pages.
Did the merge of https://github.com/zinc-collective/convene/pull/1504 break our local environments and prod?
My local is still fine; but I have not turned on enforce_ssl
for local spaces; because my local environment doesn't have SSL. You may need to go into the Rails console, find your "test" Space
, and flip the enforce_ssl
to false:
Space.find_by(slug: "test").update(enforce_ssl: false)
Alternatively, you could update all your local spaces to not enforce ssl:
Space.where(enforce_ssl: true).each { |space| space.update(enforce_ssl: false) }
Alright, well I think this is Done For Now; so I am going to mark it as a Potato and close it!
We're in a bit of a pickle here because we're using Cloudflare's free tier for DNS and WAF for
convene.zinc.coop
; which requires us to disableforce_ssl
for that Space to prevent a redirect loop.However, for spaces that are not using a Web Application Firewall or other intermediary; we do want to force ssl.
Use Cases
Operator
may force every space to use SSL by setting theFORCE_SSL
environment variable totrue
https
if they visit a space that Enforces SSL using HTTPMember
may force all requests to aSpace
to usessl