[ic] AlwaysSecure is not working
Jerry
interchange-users@interchange.redhat.com
Mon Feb 25 12:17:01 2002
> From: interchange-users-admin@interchange.redhat.com
> [mailto:interchange-users-admin@interchange.redhat.com]On Behalf Of
> Joachim Leidinger
> Sent: Monday, February 25, 2002 11:56 AM
> To: interchange-users@interchange.redhat.com
> Subject: [ic] AlwaysSecure is not working
>
>
> Hi List,
>
> since IC Version 4.6.5 and IC 4.8.3,
>
> 3.4. AlwaysSecure
> -----------------
>
> Determines whether checkout page operations should always be secure.
> Set it to the pages that should always be secure, separated by spaces
> and/or tabs.
>
> AlwaysSecure ord/checkout
>
> is not working. Am I missing somethings?
>
> In normal case, if I call
>
> http://www.mydomain.com/cgi-bin/myshop/ord/checkout
>
> it should be secure by IC automatically. But why is that not working
> with IC? MV make this right!
>
> Any tips, hints and suggestions are very welcomes.
>
> Thanks!
>
> Joachim
Maybe because you bypassing IC and calling it in non-secure mode manually?
If your secure server is setup properly and you call the checkout page
with [area ord/checkout] or mv_nexpage from within a form, it will
be secure.
Also, if your form contains <FORM ACTION="[process secure=1]"
METHOD=POST>
the form would be processed securily I belive.
I don't recall that you could ever call the page directly as you have above
and have it refresh into secure mode, but I could be wrong. I always thought
the "always secure" option was so that IC could use the same tags, area and
page
along with mv_nextpage without having to specify a secure option each time
the page
was called from within another page.
Jerry