Ethan Wilkins Ethan Wilkins - 9 months ago 53
Ruby Question

Rails Simple Captcha not going over HTTPS

I'm using the

gem for authentication with Rails and have it working fine in development but the captcha image/code is not going over the SSL layer in production so the image is not rendering within the captcha form. I set up OpenSSL using this letsencrypt tutorial for multiple domains and it's worked fine for everything but

Here is the error output from Firefox:

Loading mixed (insecure) display content "" on a secure page


Adding the following lines (as described here) to my nginx.conf solved the issue of request.protocol returning the wrong protocol:

proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Ssl on;

As far as the captcha image not loading, whether as secure or insecure content, imagemagick has to be installed.