Comments on: Detecting and redirecting http to https http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/ Rich Internet Application development Tue, 31 Jan 2012 15:10:27 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: David Levin http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-143123 David Levin Tue, 08 Nov 2011 17:34:29 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-143123 I like your method much better than using CGI variables. It might be one or two more lines of code but I feel it's worth it because it gives you more control over the redirect. Nice work. :) I like your method much better than using CGI variables. It might be one or two more lines of code but I feel it’s worth it because it gives you more control over the redirect. Nice work. :)

]]> By: ColdFusion Nerd http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-123818 ColdFusion Nerd Thu, 16 Dec 2010 17:23:01 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-123818 Michael, great post! This came in very handy for me today when I as in a bind. Pulled it up via Google keyword search and it worked like a charm. I owe you a coffee. Michael, great post! This came in very handy for me today when I as in a bind. Pulled it up via Google keyword search and it worked like a charm. I owe you a coffee.

]]> By: Michael Sharman http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-119666 Michael Sharman Wed, 08 Sep 2010 22:26:30 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-119666 @Ragdoll - in my example above the performance hit would be tiny, nothing I would ever worry about as it's really just checking the value of existing variables. That being said we had issues recently using this snippet on railo, but we had a workaround for that. In your case I'd always load GA code (the new code inside the header) using the example that Google provides. Let them worry about if/when the site is being accessed securely or not. @Ragdoll – in my example above the performance hit would be tiny, nothing I would ever worry about as it’s really just checking the value of existing variables. That being said we had issues recently using this snippet on railo, but we had a workaround for that.

In your case I’d always load GA code (the new code inside the header) using the example that Google provides. Let them worry about if/when the site is being accessed securely or not.

]]> By: Ragdoll http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-119556 Ragdoll Fri, 03 Sep 2010 22:11:11 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-119556 What's the performance hit on this? I'd like to detect whether the connection is secure, and if it is, import the secure Google Analytics code, and if it's not secure, import the regular code. Is this the best way to do it? I imagine the server will be checking for security when every page loads, and that sounds a bit resource-intensive. What’s the performance hit on this? I’d like to detect whether the connection is secure, and if it is, import the secure Google Analytics code, and if it’s not secure, import the regular code.

Is this the best way to do it? I imagine the server will be checking for security when every page loads, and that sounds a bit resource-intensive.

]]> By: Michael Sharman - chapter31 » Detecting https across Railo and ColdFusion Server http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-114072 Michael Sharman - chapter31 » Detecting https across Railo and ColdFusion Server Wed, 03 Mar 2010 03:15:00 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-114072 [...] I had a way of detecting whether page requests were being made via ssl but today I came across a scenario where this doesn’t work. Let me [...] [...] I had a way of detecting whether page requests were being made via ssl but today I came across a scenario where this doesn’t work. Let me [...]

]]> By: Joshua Morehouse http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-110489 Joshua Morehouse Thu, 19 Nov 2009 14:46:12 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-110489 Thanks for this, worked great to redirect some login pages. Thanks for this, worked great to redirect some login pages.

]]> By: Michael Sharman http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-100937 Michael Sharman Wed, 20 May 2009 09:37:52 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-100937 Not sure what I can tell you except I have it running in multiple production sites! Here is a slightly different version...from a live site: Inside onRequestStart() ------------------------------------------ <cfscript> oRequest = getPageContext().getRequest(); request.isSecure = oRequest.isSecure(); </cfscript> Inside a shopping cart page ------------------------------------------ <cfif NOT request.isSecure> <cflocation url="#application.config.httpsURL#" addtoken="false"> </cfif> Not sure what I can tell you except I have it running in multiple production sites! Here is a slightly different version…from a live site:

Inside onRequestStart()
——————————————
<cfscript>
oRequest = getPageContext().getRequest();
request.isSecure = oRequest.isSecure();
</cfscript>

Inside a shopping cart page
——————————————
<cfif NOT request.isSecure>
<cflocation url=”#application.config.httpsURL#” addtoken=”false”>
</cfif>

]]> By: Nikos http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-100933 Nikos Wed, 20 May 2009 08:41:32 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-100933 Yeah I've put cfif NOT oRequest.isSecure() in but I still get the same problem. I've also cleared my browser cache Yeah I’ve put cfif NOT oRequest.isSecure() in but I still get the same problem.

I’ve also cleared my browser cache

]]> By: Michael Sharman http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-100912 Michael Sharman Wed, 20 May 2009 04:18:59 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-100912 @Nikos - Not sure if this page was caching on an old draft, the 3rd example works fine but you should check that you have cfif NOT oRequest.isSecure() Note the "isSecure()" @Nikos – Not sure if this page was caching on an old draft, the 3rd example works fine but you should check that you have

cfif NOT oRequest.isSecure()

Note the “isSecure()”

]]> By: Nikos http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/comment-page-1/#comment-100823 Nikos Tue, 19 May 2009 13:03:35 +0000 http://www.chapter31.com/2007/07/21/detecting-and-redirecting-http-to-https/#comment-100823 the 3rd piece of code puts me in an infinite loop the 3rd piece of code puts me in an infinite loop

]]>