The force_ssl function in rails 3.1 is hardcoded to ignore the development environment, but

Question

0

Asked: May 29, 20262026-05-29T06:30:42+00:00 2026-05-29T06:30:42+00:00

The force_ssl function in rails 3.1 is hardcoded to ignore the development environment, but

0

The force_ssl function in rails 3.1 is hardcoded to ignore the development environment, but not test. This is giving me redirect errors in my (minitest) tests. Is the solution to set up my test server to support ssl (if so, how?). If not, should I monkey patch force_ssl to ignore requests in test?

 def force_ssl(options = {})
        host = options.delete(:host)
        before_filter(options) do
          if !request.ssl? && !Rails.env.development?
            redirect_options = {:protocol => 'https://', :status => :moved_permanently}
            redirect_options.merge!(:host => host) if host
            flash.keep
            redirect_to redirect_options
          end
        end
  end

EDIT Found this chain, which confirms other people think this an issue, but doesn’t look like there’s a committed fix yet: https://github.com/rails/rails/pull/2630

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-29T06:30:43+00:00

Editorial Team

2026-05-29T06:30:43+00:00Added an answer on May 29, 2026 at 6:30 am

Another option instead of monkey patching the entire application is to just override force_ssl in your test suite alone. For example, in test/test_helper.rb you can add this:

# We don't want SSL redirects in our test suite
module ActionController::ForceSSL::ClassMethods
  def force_ssl(options = {})
    # noop
  end
end

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

The force_ssl function in rails 3.1 is hardcoded to ignore the development environment, but

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply