[ic] Detecting a secure page
Peter
peter at pajamian.dhs.org
Sat Jun 10 17:16:17 EDT 2006
On 06/10/2006 08:33 AM, Grant wrote:
> I do use the Interchange::Link module and a non-standard IC catalog so
> maybe that's why. I could evaluate the first 5 characters on the
> current URL to determine 'http:' or 'https'. Does anyone know how to
> do that in perl?
That part of the URL is never actually sent to the webserver, the
browser uses it to determine which protocol to use and what port to
connect to and then discards it.
All of the above methods rely in some form or another on the web server
setting an environment variable to indicate whether the connection is
secure or not. It's very possible that the webserver could be
configured to not set the environment variable. This tends to explain
why different people have had luck with different environment variables.
Some other things to try:
If you use a different domain name for secure connections than insecure
connections you can check the HTTP_HOST environment variable to see
which domain was called.
As a last ditch method and one that should always work, you can set your
own environment variable to indicate whether the connection is secure or
not in your web server's configuration file, you could put:
SetEnv SECURE 1
...in the virtual host section for your https connections, then test for
that environment variable inside Interchange.
Peter
More information about the interchange-users
mailing list