From 4b7fc8b5e4b10f31a7524289073d4f63afa78a77 Mon Sep 17 00:00:00 2001
From: Rohan Mitchell <rohan@rohanmitchell.com>
Date: Mon, 14 Oct 2013 10:44:14 +1100
Subject: [PATCH] In production, redirect to hostname with the SSL certificate

---
 app/controllers/application_controller.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 494172aedf..8d4cdba716 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -3,6 +3,7 @@ class ApplicationController < ActionController::Base
 
   before_filter :load_data_for_menu
   before_filter :load_data_for_sidebar
+  before_filter :require_certified_hostname
 
   private
   def load_data_for_menu
@@ -34,6 +35,17 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  # There are several domains that point to the production server, but only one
+  # (vic.openfoodnetwork.org) that has the SSL certificate. Redirect all requests to this
+  # domain to avoid showing customers a scary invalid certificate error.
+  def require_certified_hostname
+    certified_host = "vic.openfoodnetwork.org"
+
+    if Rails.env.production? && request.host != certified_host
+      redirect_to "http://#{certified_host}#{request.fullpath}"
+    end
+  end
+
 
   # All render calls within the block will be performed with the specified format
   # Useful for rendering html within a JSON response, particularly if the specified