[ic] Browser security warning... why?

Grant interchange-users@icdevgroup.org
Thu Sep 26 12:51:01 2002


>If you have a [bounce] on a secure page then the warning will be to
>inform users that although they submitted a form securely, they are
>being redirected to an insecure page.
>
>You may be able to avoid the message by bouncing to another secure
>page.  If not then try a 'META Refresh' with a couple of seconds delay
>and a notice to show users that they are being redirected.
>
>Another option would be to not use [bounce] at all and simply set your
>mv_nextpage to the actual target.  You could always use a mv_click
>or mv_check callback to handle whatever processing needs to be
>performed.

Kevin -

Here's my problem.  I have an Autoload that checks to see if the value of
variable "passcode" matches a certain value.  If it doesn't, the user is
bounced to the "enter_passcode" page where they enter the value for
"passcode" in an input=text field.

The problem with Autoload seems to be that when the form on the
"enter_passcode" page is submitted, the input=text field's value for
"passcode" doesn't get set to the IC variable of the same name (called with
[value passcode]) until AFTER the next Autoload is executed.  That means
[value passcode] can't be evaluated properly on that next page.

My solution was to set mv_nextpage to a temporary page which bounces the
user to the final destination (index) once it evaluates [value passcode]
IN-PAGE to see if the value is good.  Of course, now I've got the security
warning because I'm bouncing.

Would using mv_click or mv_check along with setting mv_nextpage directly to
index.html solve this?  I didn't think so after reading about them in the
docs.  Can you think of any way to make this work without a META Refresh?
Thank you for all your help!

- Grant