Re: http or https?
This WebDNA talk-list message is from 2001
It keeps the original formatting.
numero = 37608
interpreted = N
texte = I think you'll find that this is what this code does. (hopefully!)If someone types in a non-https address, because [referrer] then DOES NOTstart with https://secure.domain.co.uk, the following [redirect] commandis NOT HIDDEN, thus redirecting them to the https version.Hope this makes sense.on 3/8/01 4:52 pm, John Hill at johnh@genericaddress.com wrote:> It's not a bad method. However, to be safe, I'd reverse the logic - redirect> to secure if the header does not contain https. That way you're not reliant on> the referrer being correct and you'll err on the side of redirecting too> often. If someone types the non-ssl url in their browser directly, the> referrer, I think, will be blank, and in your case, not redirect to the secure> page.> > John.> >> This is something I've only found discussed in the archives (by Ken) way>> back in '98, and I am wondering whether a neat solution has been found.>> >> We're trying to ensure that people access the https version of a page,>> rather than the regular http version.>> (this is an admin page which clients MAY type in directly, thus probably>> forgetting to add the https!)>> >> >> Our solution so far, has been this.>> >> [hideif [referrer]~https://secure.domain.co.uk]>> [redirect https://secure.domain.co.uk/private/securedoc.tpl]>> [/hideif]>> >> Now this seems to be working fine, but as you can see, it's not the neatest>> way of doing it.>> >> Any other ideas?>> >> Thanks.>> -------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Associated Messages, from the most recent to the oldest:
I think you'll find that this is what this code does. (hopefully!)If someone types in a non-https address, because [referrer] then DOES NOTstart with https://secure.domain.co.uk, the following [redirect] commandis NOT HIDDEN, thus redirecting them to the https version.Hope this makes sense.on 3/8/01 4:52 pm, John Hill at johnh@genericaddress.com wrote:> It's not a bad method. However, to be safe, I'd reverse the logic - redirect> to secure if the header does not contain https. That way you're not reliant on> the referrer being correct and you'll err on the side of redirecting too> often. If someone types the non-ssl url in their browser directly, the> referrer, I think, will be blank, and in your case, not redirect to the secure> page.> > John.> >> This is something I've only found discussed in the archives (by Ken) way>> back in '98, and I am wondering whether a neat solution has been found.>> >> We're trying to ensure that people access the https version of a page,>> rather than the regular http version.>> (this is an admin page which clients MAY type in directly, thus probably>> forgetting to add the https!)>> >> >> Our solution so far, has been this.>> >> [hideif [referrer]~https://secure.domain.co.uk]>> [redirect https://secure.domain.co.uk/private/securedoc.tpl]>> [/hideif]>> >> Now this seems to be working fine, but as you can see, it's not the neatest>> way of doing it.>> >> Any other ideas?>> >> Thanks.>> -------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Mark Derrick
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WebCat b13 CGI -shownext- (1997)
using showpage and showcart commands (1996)
RE: Just a thought (1998)
Keep away (1997)
Text data with spaces in them... (1997)
2.0 Beta (1997)
2nd WebCatalog2 Feature Request (1996)
keep W* in front applescript? (1998)
Date Formats (1997)
Occasional crashes with $remove (1997)
[format 40s]text[/format] doesn't work (1997)
ConverChars (1999)
NT error logs (1997)
WebCat2b14MacPlugIn - [include] doesn't hide the search string (1997)
[OT] Gateway and Merchant Fees! (2006)
emailer error -108 (1997)
shell question / Unix guide (2004)
Newbie problem blah blah blah (1997)
Writefile, Raw & include (2002)
Caching pages...again (2001)