ssl_requirement is a Rails gem by DHH to declaratively redirect requests to SSL. It is useful, for example, to ensure all access to a checkout page is secure. SSL encryption, however, is usually handled by a webserver such as Nginx or Apache, and these are not typically used in Rails test mode. It appears most developers simply disable SSL redirects during testing, but this allows certain defects such as correct handling of flash messages to go undetected. To test SSL redirects I’ve started using a lightweight, secure reverse proxy called pound. The pound configuration file can be kept to a bare minimum to forward requests from port 8443 to 3000 and encrypt the response:
ListenHTTPS
Address 127.0.0.1
Port 8443
Cert "pound.pem"
AddHeader "X_FORWARDED_PROTO: https"
Service
BackEnd
Address 127.0.0.1
Port 3000
End
End
End
To run pound:
pound -vf ./pound.conf