我用devise和facebook auth制作了一个示例应用程序.我想将fb个人资料照片显示为用户的头像,并且它在Chrome和IE中工作.但是在firefox中,我看到了关于“跟踪保护”的警告 – “连接不安全”.
我写了一个简单的方法:
def avatar_for(user) avatar_url = user.image image_tag(avatar_url,alt: user.name,class: "avatar") unless user.image.nil? end
如何使这种方法/连接安全?
EDIT: It’s exactly how max wrote: using https address vis
secure_image_url removes the warning in ‘Tracking Protection’
warning in Firefox,but no image is displayed.
解决方法
使用secure_image_url选项让OmniAuth Facebook创建一个HTTPS地址:
Rails.application.config.middleware.use OmniAuth::Builder do provider :facebook,ENV['FACEBOOK_KEY'],ENV['FACEBOOK_SECRET'],secure_image_url: true end