[Catalyst-dev] The RequireSSL problem
Kieren Diment
diment at gmail.com
Wed Dec 26 22:09:59 GMT 2012
On 26/12/2012, at 4:46 AM, Jesse Sheidlower wrote:
>
> Right now my solution is to do nothing on my production machine (on
> which I never run the dev server) and to comment things out in
> RequireSSL.pm on my laptop (on which I can then _only_ run the dev
> server), but what should we do about this in general?
>
For most purposes I think that Plack is the correct solution. But clearly for your problem it isn't.
So I think checking Catalyst::Engine is the problem here. And there are god reasons why we shouldn't rely the dev server reporting itself as a check, e.g. it can be a legitimate deployment target. Seeing as the usual use case is that developer config and production config is different, patching ActionRole::RequireSSL to disable itself if the disable_ssl config key is present (and documenting it as such) might be the way to go (if in doubt, spell it out).
You can of course do this by putting the module in your app's lib directory tree, and/or you can send a patch to the maintainer.
More information about the Catalyst-dev
mailing list