[ic] ExtraSecure and special_pages/violation
Thomas J.M. Burton
tom at globalfocusdm.com
Wed Dec 30 18:44:41 UTC 2009
Jon Jensen wrote:
> On Thu, 17 Dec 2009, Thomas J.M. Burton wrote:
>
>> Upon further evaluation, it seems that the most appropriate solution to
>> this would be to revise lib/Vend/Page.pm and change the way that
>> AlwaysSecure pages are handled when ExtraSecure is enabled.
>> Specifically, that would be lines 105-109:
>>
>> if($Vend::Cfg->{ExtraSecure} and
>> $Vend::Cfg->{AlwaysSecure}->{$name}
>> and !$CGI::secure) {
>> $name = find_special_page('violation');
>> }
>>
>> Rather than sending users to the violation page in that situation,
>> shouldn't it be redirecting the requested URL via https? Unless
>> there's a reason for sending those requests to the violation page,
>> that would seem like the most efficient solution. Otherwise, the
>> checks performed in Page.pm would need to be repeated in the
>> violation page, which seems redundant and inefficient.
>>
>> If changing Page.pm would be the appropriate solution, I'm not sure
>> of the most efficient way to do so.
>
> Good points.
>
> See the code for BounceReferrals in Vend::Dispatch for an example of
> how to redirect.
>
> Let me know if you get stuck on the coding.
Thanks for the pointers, Jon! I had a few other things I needed to tend
to and just got back to this.
Since I'm running IC v5.4.2, my server's Dispatch.pm doesn't have
BounceReferrals. I did look at the recent version through the GitHub
though and am wondering if the redirect method used in the
BounceReferrals code will work with v5.4.2 or not.
Also, am I correct that lines 1568 through 1591 would be what I'd want
to try using (or at least use as a starting point)?
Thanks!
Tom
--
_______________________________
Global Focus Digital Media, LLC
www.globalfocusdm.com
!DSPAM:4b3b9f9b76211702511019!
More information about the interchange-users
mailing list