From daeb7713e0aeeac8f7f75074700594518b135ce1 Mon Sep 17 00:00:00 2001
From: Will Bradley <bradley.will@gmail.com>
Date: Fri, 11 Apr 2014 13:15:42 -0700
Subject: [PATCH] Removing force_ssl for /space_api and /macs

---
 app/controllers/application_controller.rb | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 6d1397c..2a6a445 100755
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,10 +1,15 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
 
-  force_ssl if: :ssl_configured?
+  force_ssl if: :ssl_forced?
 
-  def ssl_configured?
-    !Rails.env.development? && !Rails.env.test?
+  def ssl_forced?
+    # Non-production environments and read-only stuff like the space API and MACs should not require SSL. (APIs hate following 301s).
+    if Rails.env.development? || Rails.env.test? || ["space_api","macs"].include?(params[:controller])
+      return false
+    else
+      return true
+    end
   end
 
   rescue_from CanCan::AccessDenied do |exception|