Based on the README file, the SslEnforcer should be prepended into the middleware chain via insert_before:
config.middleware.insert_before ActionDispatch::Cookies, Rack::SslEnforcer
But then all subsequent examples rely on use:
config.middleware.use Rack::SslEnforcer, :only_hosts => 'api.example.com'
...
Could you please explain what the proper/expected way of setting up the middleware is?
Based on the README file, the
SslEnforcershould be prepended into the middleware chain viainsert_before:But then all subsequent examples rely on
use:Could you please explain what the proper/expected way of setting up the middleware is?