Module: ActionController::ForceSSL

Extended by:
Defined in:


This module provides a method which will redirects browser to use HTTPS protocol. This will ensure that user's sensitive information will be transferred safely over the internet. You should always force browser to use HTTPS when you're transferring sensitive information such as user authentication, account information, or credit card information.

Note that if you really concern about your application safety, you might consider using config.force_ssl in your configuration config file instead. That will ensure all the data transferred via HTTPS protocol and prevent user from getting session hijacked when accessing the site under unsecured HTTP protocol.

Defined Under Namespace

Modules: ClassMethods

Method Summary

Methods included from ActiveSupport::Concern

append_features, extended, included

Methods included from AbstractController::Callbacks


Methods included from ActiveSupport::Callbacks