[ic] AlwaysSecure is not working
Joachim Leidinger
interchange-users@interchange.redhat.com
Mon Feb 25 14:50:00 2002
Kevin Walsh wrote:
>
> >
> > AlwaysSecure ord/checkout
> >
> > is not working. Am I missing somethings?
> >
> > In normal case, if I call
> >
> > http://www.mydomain.com/cgi-bin/myshop/ord/checkout
> >
> > it should be secure by IC automatically. But why is that not working
> > with IC? MV make this right!
> >
> If you hard-code http, you get http and not https, as you would
> expect.
>
> If you use [area href="ord/checkout" secure=1] then the tag will
> generate an https URL. If you have AlwaysSecure set for the page
> then the secure=1 is irrelevant; the page URL will always generated
> using https. This works for [area], [page] and other tags that
> generate URLs.
>
> Basically, if you hard-code it, you get what you ask for. Never
> hard-code internal URLs when you could be using [area] or [page].
Yes! Right! Maybe I'm a stupid paranoia boy. But why not make a page
secure by IC, if that page is set by AlwaysSecure?
Thanks!
Joachim
--
Hans-Joachim Leidinger | Dipl.-Phys.Ing. Entwicklung eCommerce
[leidinger@bpanet.de]
Black Point Arts Internet Solutions GmbH
http://www.bpanet.de