[ic] AlwaysSecure is not working
Joachim Leidinger
interchange-users@interchange.redhat.com
Tue Feb 26 04:00:00 2002
cfm@maine.com wrote:
....
> > Why is IC checking the url, page and name for secure by AlwaysSecure in
> > that page and not recognizing that the calling page itself is to be
> > secure? What I mean is,
> >
> > AlwaysSecure a b c
> >
> > Page A has a link/url to b and c:
> >
> > Manual calling the page a in my browser is showing the page a *insecure*
> > and the link/url in that page to the page b and c *is* secure.
> >
> > I'm wondering! IC is knowing, which page is calling and parse that page
> > to check whether the another calling pages is set to be secure or not
> > and is not able to recognize the calling page itselft is to be secure?
>
> Yeah, I remember getting bitten by "AlwaysSecure" and concluding that
> might not have been the best name for the option.
Yes! I still think, it makes my page secure per default *allways*! :-)
> Why not write a little [usertag] to check path and permissions
> as appropriate for your setup and to send redirect elsewhere
> for failures?
That is a good idea! Thanks!
Hmmm...did Racke not use that kind of usertag or codes to check, whether
the calling page is secure or not?
Joachim
--
Hans-Joachim Leidinger | Dipl.-Phys.Ing. Entwicklung eCommerce
[leidinger@bpanet.de]
Black Point Arts Internet Solutions GmbH
http://www.bpanet.de