[ic] Ask Jeeves frames - secure page issue
jon at endpoint.com
Fri Aug 27 16:36:28 EDT 2004
On Fri, 27 Aug 2004, John1 wrote:
> It has been brought to our attention by one of our customers that if you get
> to our site via the UK Ask Jeeves search engine then when placing an order,
> the order page is not secure. i.e. rather than change to SSL mode the
> order page is a normal insecure page.
> This seemed an odd suggestion, but on investigation I found this was indeed
> the case!
> The problem is that when clicking on a UK Ask Jeeves link you are not
> redirected directly to the website. Instead, the website is embedded as a
> frame within the UK Ask Jeeves site. Basically you just get the AskJeeves
> banner across the top of your website. Very annoying feature! I tested
> www.ask.com and it seems that this does not employ the same "feature" - only
> The URL looks something like this
> Anybody any ideas how to get round this - i.e. always make the order page
> secure even if the website is embedded as a frame in the AskJeeves website?
> Or better still, is there a way to bounce the page to the real website -
> i.e. force the frame to be removed?
The best way to force a page to be secure is to force it with
AlwaysSecure and ExtraSecure in Interchange's catalog.cfg:
Then also have your webserver redirect any non-secure accesses to it to
the https equivalent. For Apache, use mod_rewrite:
End Point Corporation
Software development with Interchange, Perl, PostgreSQL, Apache, Linux, ...
More information about the interchange-users