Ensure force_ssl flag does not break SYS api

Revert "Remove force ssl flag"
This reverts commit f5ecdb45b5.

[ci skip]
pull/6335/head
Oliver Günther 7 years ago
parent 7f5e23a9d6
commit 30d7ac28f2
No known key found for this signature in database
GPG Key ID: 88872239EB414F99
  1. 12
      config/environments/production.rb
  2. 5
      lib/tasks/packager.rake

@ -73,6 +73,18 @@ OpenProject::Application.configure do
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = OpenProject::Configuration['rails_force_ssl']
config.ssl_options = {
# Disable redirect on the internal SYS API
redirect: {
exclude: ->(request) do
# Respect the relative URL
relative_url = Regexp.escape(OpenProject::Configuration['rails_relative_url_root'])
# When we match SYS controller API, allow non-https access
request.path =~ /#{relative_url}\/sys\//
end
},
secure_cookies: true
}
# Set to :debug to see everything in the log.
config.log_level = :warn

@ -71,6 +71,11 @@ namespace :packager do
ENV.fetch('SERVER_PROTOCOL', Setting.protocol)
end
# Set https configured, set Rails force_ssl to true
if Setting.https?
shell_setup(['config:set', "OPENPROJECT_RAILS__FORCE__SSL=true"])
end
# Run customization step, if it is defined.
# Use to define custom postinstall steps required after each configure,
# or to configure products.

Loading…
Cancel
Save