How do I redirect all https traffic to http in Sinatra on heroku?

Question

I'm trying to redirect all https traffic to http using this in Sinatra

  get "*" do
      if request.secure?
        redirect request.url.gsub(/^https/, "http")
      else
        pass # continue execution
      end   
    end

However, on a custom domain on heroku, my browser shows me the error:

This is probably not the site you are looking for!

You attempted to reach www.[domain].com, but instead you actually reached a server identifying itself as *.heroku.com. 

My DNS is configured with the www subdomain having a CNAME pointing to [domain].herokuapp.com as per https://devcenter.heroku.com/articles/custom-domains

Is this a DNS issue? Is buying a SSL certificate the only way to allow all https traffic to redirect to http, on heroku?

Answer 1

If you were going to use that code then I'd make it a before filter, as that's really what it is.

However, if you've received a request at the application layer (which is where your Sinatra app sits on Heroku) then you need a certificate because the HTTP layer (where the Nginx proxy servers that deal with this sit) has already received the request and will attempt to deal with it as a secure connection but fail/raise an error because there's no certificate. That is the message you'll get if you try and reach an non SSL page/site via the https URI scheme. You can still access the site but the user has to click past a scary warning.

The only way I know of that may work without a certificate (but looking at this answer probably not) is if you had access to the Nginx configuration and did the rewrite of the URL (and probably some headers) there.