[ic] Ask Jeeves frames - secure page issue

John1 list_subscriber at yahoo.co.uk
Sat Aug 28 15:04:20 EDT 2004


On Friday, August 27, 2004 9:36 PM, jon at endpoint.com wrote:

> On Fri, 27 Aug 2004, John1 wrote:
>
>> Anybody any ideas how to get round this - i.e. always make the order
>> page secure even if the website is embedded as a frame in the
>> AskJeeves website? Or better still, is there a way to bounce the
>> page to the real website - i.e. force the frame to be removed?
>
> The best way to force a page to be secure is to force it with
> AlwaysSecure and ExtraSecure in Interchange's catalog.cfg:
>
> http://www.icdevgroup.org/interchange-doc-5.2.0/frames/icconfig_78.html
> http://www.icdevgroup.org/interchange-doc-5.2.0/frames/icconfig_102.html
>
> Then also have your webserver redirect any non-secure accesses to it
> to the https equivalent. For Apache, use mod_rewrite:
>
> http://httpd.apache.org/docs-2.0/mod/mod_rewrite.html#rewriterule
>
> You can use simple JavaScript code on your pages to break out of a
> frame:
>
> http://www.thesitewizard.com/archive/framebreak.shtml
>
Thanks a lot for thesitewizard link Jon!  I've implemented the JavaScript
suggestion and it works a treat.  :-)

I am actually a little nervous about using JavaScript - there seem to be
sooo many sites out there that contain broken JavaScript - so often I get
the pop-up box "A runtime error has occured - Do you wish to debug" even on
seemingly well designed sites.  This has just put me off using JavaScript as
I have assumed that it can't be relied upon to run smoothly on different
browser platforms.  Is this a reasonable concern, or is it just me?  :-)

I assume that as long as I surround any JavaScript with <!-- the script -->
then the web pages should still *always* display without a problem in
browsers where JavaScript has been disabled - is this a fair assumption?  If
JavaScript is disabled will the <BODY onload="breakout_of_frame()"> cause a
problem?

Also, should I be worried about the performance impact of running a
breakout_of_frame script when *each* page is loaded?  On a modern PC are we
talking about micro-seconds or milli-seconds to run a small onload
JavaScript?  Also, if I put the scipts in a scripts.js file, will the
browser cache the js file?

Similarly, is there much of a performance overhead to running mod_rewrite?
Micro-seconds or milli-seconds per page :-)  ?  Thanks



More information about the interchange-users mailing list