I'm working on a specific case where I want to force SSL in a Rails app, I've tried using:
Rails.application.configure do
config.force_ssl = true
end
However, there are a couple of endpoints that load content from 3rd party websites using iframes and I'm getting a Content-Mixed error because some of them don't support HTTPS.
Is there a way to mark certain routes as exempt to the force_ssl config in Rails?
Working on a Rails 4.1.x app, thanks!