I agree that changing code should be a last resort. I'm pretty sure here the redirection is intentional.
On Aug 24, 1:38 pm, Benjamin Podszun <benjamin.pods...@gmail.com> wrote: > Hi. > > > > On Tue, Aug 24, 2010 at 1:27 AM, shin938 <sha...@tikalk.com> wrote: > > one thing you can do: > > find the file: > > vendor/plugins/ssl_requirement/lib/ssl_requirement.rb > > > find the methods ssl_required? and ssl_allowed? , strip all code or > > comment it and return always true, > > like this: > > def ssl_required? > > true > > # required = > > (self.class.read_inheritable_attribute(:ssl_required_actions) || []) > > # except = > > self.class.read_inheritable_attribute(:ssl_required_except_actions) > > > # unless except > > # required.include?(action_name.to_sym) > > # else > > # !except.include?(action_name.to_sym) > > # end > > end > > > def ssl_allowed? > > true > > end > > > make sure you don't have this line in config/environments/ > > production.rb or that at least its in comment: > > #SslRequirement.disable_ssl_check = true > > > with this gitorious will not redirect to http, but your http site on > > port 80 will still be accessible, > > actually gitorious needs to access the site itself,it uses the host > > and port in gitorious.yml, so you can leave the http (port 80) site > > but only restrict access to it from localhost with: > > Order deny,allow > > Deny from all > > Allow from 127.0.0.1 > > > I didn't fully check it and maybe there's a better way to do it, I > > don't think there is a configuration option, its all buried in the > > code , I checked that the site works and that I can push over ssh and > > it worked for me, but I'm not using it because I want my site viewable > > to the public without ssl. > > Thanks for the suggestion. Maybe I'll give that a try in the future, but for > now I'd like to find the underlying issue (and, to be honest, I'm not yet > completely convinced that this redirection behavior is intentional, even on > other deployments). > Any change to the gitorious code means that upgrading will be harder. > Radical "strip out everything related to ssl special cases" without a > somewhat decent understanding what I'm doing is more a last resort (to get > this working at all) than a real solution. > > Regards, > Ben -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com