Rails request object contains wrong protocol
https://stackoverflow.com/questions/9489712
-
14-11-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian문제
I'm running Rails 3.1.2 on Apache with the latest Passenger, 3.0.11. I'm using force_ssl to require a secure connection in a few of my application's actions.
The web browser is warning that although the identity of the site has been verified and the connection is encrypted, the page contains other resources which are not secure. The culprit is a reference to the Google Fonts API being made over plain http. My view contains the following:
= stylesheet_link_tag "#{request.port}fonts.googleapis.com/css?family=Oswald"
I also tried this:
= stylesheet_link_tag "http#{request.ssl? ? 's' : ''}://fonts.googleapis.com/css?family=Oswald"
Both of these result in the stylesheet url having "http://".
I had success doing this in a Rails 3.0.5/Passenger 3.0.7/SslRequirement, but can't get it to work in Rails 3.2.1/Passenger 3.0.11/force_ssl.
해결책
put "//fonts.googleapis.com/css?family=Oswald" without the http or https - that way the browser uses the same protocol as the page you are on and doesn't show any warnings.
