[ic] Detecting a secure page

Peter peter at pajamian.dhs.org
Sat Jun 10 17:16:17 EDT 2006

On 06/10/2006 08:33 AM, Grant wrote:
> I do use the Interchange::Link module and a non-standard IC catalog so
> maybe that's why.  I could evaluate the first 5 characters on the
> current URL to determine 'http:' or 'https'.  Does anyone know how to
> do that in perl?

That part of the URL is never actually sent to the webserver, the 
browser uses it to determine which protocol to use and what port to 
connect to and then discards it.

All of the above methods rely in some form or another on the web server 
setting an environment variable to indicate whether the connection is 
secure or not.  It's very possible that the webserver could be 
configured to not set the environment variable.  This tends to explain 
why different people have had luck with different environment variables.

Some other things to try:

If you use a different domain name for secure connections than insecure 
connections you can check the HTTP_HOST environment variable to see 
which domain was called.

As a last ditch method and one that should always work, you can set your 
own environment variable to indicate whether the connection is secure or 
not in your web server's configuration file, you could put:


...in the virtual host section for your https connections, then test for 
that environment variable inside Interchange.


More information about the interchange-users mailing list