[ic] DifferentSecure Problem / Question

Mike Heins mike at perusion.com
Mon Nov 24 09:00:03 EST 2003 

Quoting Shawn (zfalcon2001 at aol.com):
> 
>  > Quoting Mike Heins
> -- (Some Stuff Removed from Other Post) --
>  > > #1) DifferentSecure is defined as a boolean in Config.pm.
>  > > #2) There is no check to see if you have different secure defined in
>  > > Dispatch.pm when it replaces the scriptname based on CGI scriptname
>  > passed.
>  > >
>  > > Is this how DifferentSecure is suppose to be?
>  >
>  > Actually it is supposed to be gone -- it is not used anywhere. I think
>  > Racke made some changes that were supposed to negate the need for
>  > it.
>  >
>  > Also, we don't really support differing secure/non-secure URLs. If
>  > you do it, it is best to make all ordering operations point to the
>  > secure server. You are playing Russian roulette if you order to
>  > the basket on the non-secure and try to check out on the secure.
>  >
>  > This should all be well-covered in my monthly Secure FAQ posting.
>  >
>  > >
> 
> I am ordering and checking out from the secure url
> 
>  > I *assume* you are using 4.9.x, otherwise I have just wasted this
>  > time. 8-)
>  >
> 
> yup. version 4.9.9
> 
> here are my changes, 1 line in Config.pm and Dispatch.pm
> 
> Config.pm
> ----------
> 
> 480c480
> <       ['DifferentSecure',      'boolean',          ''],
> ---
>  >       ['DifferentSecure',      'yesno',            'No'],
> 
> Dispatch.pm
> -----------
> 
> 1017c1017
> <                       $Vend::Cfg->{SecureURL} =~ 
> s!$real!$CGI::script_name!;
> ---
>  >                       $Vend::Cfg->{SecureURL} =~ 
> s!$real!$CGI::script_name! unless $Vend::Cfg->{DifferentSecure};

So it is the alias substitution that is getting you.

The answer to this is not to put an alias on the interchange.cfg line:

    Catalog yourcat /home/catalogs/you/yourcat /cgi-bin/yourcat

not

    Catalog yourcat /home/catalogs/you/yourcat /cgi-bin/yourcat /cgi-bin/alias

When you set it to "boolean", you aren't getting what you think. The
"yesno" type is what you think of as the boolean; the way you
have it this will always be in force.

(The "boolean" type is intended to set a number of hash members true
 based upon their existence. In other words, 

	DifferentSecure  foo bar buz

 will become

	$Vend->{Cfg}{DifferentSecure} = { foo => 1, bar => 1, buz => 1 };

)

-- 
Mike Heins
Perusion -- Expert Interchange Consulting    http://www.perusion.com/
phone +1.765.647.1295      <mike at perusion.com>

Prove you aren't stupid.  Say NO to Passport.

More information about the interchange-users mailing list