move loading rack ssl to an initializer, so we have EnviromentConfiguration and AppConfig. also, circumvent ssl requirement option is now back"

config/application.yml.example

@@ -196,6 +196,7 @@ defaults: &defaults
   # is running on the default Redis port.
   redis_location: ''
 
+  circumvent_ssl_requirement: false
 
   # Web tracking
 

config/initializers/enforce_ssl.rb

@@ -0,0 +1 @@
+Rails.application.config.middleware.insert_before(Rack::Runtime, Rack::SSL) if EnviromentConfiguration.enforce_ssl?

lib/enviroment_configuration.rb

@@ -1,5 +1,5 @@
 module EnviromentConfiguration
-  ARRAY_SEPERATOR = '%|%'
+
   def self.heroku?
     ENV['HEROKU']
   end
@@ -29,6 +29,13 @@ module EnviromentConfiguration
     end
   end
 
+  def self.enforce_ssl?
+    return false unless Rails.env == 'production'
+    return false if ENV['NO_SSL'] 
+    return false if AppConfig[:circumvent_ssl_requirement].present?
+    true
+  end
+
   def self.ca_cert_file_location
     if self.heroku?
       "/usr/lib/ssl/certs/ca-certificates.crt"