From 8459acd1234e9efcbf106e3eaa00ca871717d386 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Thu, 18 Aug 2016 17:48:57 +0200
Subject: [PATCH] Fix for force SSL issue with websockets

---
 app/controllers/application_controller.rb | 2 ++
 config/environments/production.rb         | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index b10fa977e..91f76d311 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -3,6 +3,8 @@ class ApplicationController < ActionController::Base
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
 
+  force_ssl if: "ENV['LOCAL_HTTPS'] == 'true'"
+
   # Profiling
   before_action do
     if (current_user && current_user.admin?) || Rails.env == 'development'
diff --git a/config/environments/production.rb b/config/environments/production.rb
index 4c4ed760c..09b77654f 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -32,7 +32,7 @@ Rails.application.configure do
   # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
 
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  config.force_ssl = ENV['LOCAL_HTTPS'] == 'true'
+  config.force_ssl = false
 
   # Use the lowest log level to ensure availability of diagnostic information
   # when problems arise.