Rails force HTTPS for your application
This is your setup:
- Nginx redirecting HTTP to HTTPS
- Unicorn/puma/(etc) being reverse proxied to via nginx
What you may not realize:
When you’re submitting a form and using the
respond_with @object, location:  methods rails may not pick up that you want to use HTTPS as the protocol, adding this to your
application_controller.rb ensures every URL generated by rails will go to a secure protocol:
options.merge!(protocol: 'https') unless Rails.env.development? || Rails.env.test?
I ran into issues with rails redirecting to plain HTTP when doing some uploading utilizing iframes (and Chrome rightfully blocking the redirect back to http). Hope this helps someone else! No need to use any special gems.
Note: This only applies if you want all actions to be HTTPS though.