s3_protocol default could be more sensible

[hannesfostie]

Hi,

I just spent a little while trying to figure out why my Attachment URLs were http instead of https. I started looking in my AWS config at first, where HTTPS is the default, and then finally came across the Paperclip documentation which states the following:

    # * +s3_protocol+: The protocol for the URLs generated to your S3 assets. Can be either
    #   'http', 'https', or an empty string to generate protocol-relative URLs. Defaults to 'http'
    #   when your :s3_permissions are :public_read (the default), and 'https' when your
    #   :s3_permissions are anything else.

I don't quite see why we'd want to default to http based on s3_permissions. If anything, we should look at the AWS settings and use that protocol?

[betesh]

+1 IMO it should default to an empty string.

[tute]

I don't quite see why we'd want to default to http based on s3_permissions. If anything, we should look at the AWS settings and use that protocol?

This sound good to me. Is there a reason why we should default to HTTPS?

[betesh]

With an empty String as default, if you're on an HTTPS page, you'll get HTTPS, and if you're on an HTTP page, you'll get HTTP. That's probably what the vast majority of users want and expect. public_read (now 'public-read') has nothing to do with what protocol is in use on the page where you are displaying the images, so it's not at all expected.

[tute]

In that case, empty string it is.