[ic] Detecting a secure page
Grant
emailgrant at gmail.com
Sun Jun 11 13:28:41 EDT 2006
> > I don't know why but none of the
> > following work for me to detect a secure page:
> >
> > [is-secure]
> > [env SERVER_PORT]
> > [if session shost]
> >
> It would be interesting to know which setups prevent the global
> $CGI::secure from being set. That variable is used by various parts
> of the Interchange core which would not function as designed/expected
> if the $CGI::secure variable is not set correctly.
>
> By the way, $CGI::secure is set from the value of the "HTTPS" environment
> variable (HTTP request environment - not the shell environment).
>
> You should be able to see the HTTPS variable if you put [env] on a test
> page and call it using a https URI. You should also be able to see 1
> or 0 returned from my [is-secure] tag, if it's all working as expected.
[env HTTPS] returns nothing via http or https.
> Perhaps there's a "problem" with later Apache versions. Has the name
> of the "HTTPS" environment variable changed recently? I hope not, but
> we can deal with it easily enough if it has. I always use Apache 1.3
> and mod_interchange, and it all still works for me. Some version
> numbers and link program types would be useful from posters to this
> thread.
Here's some version info:
apache-2.0.55-r1
mod_perl-2.0.2
interchange-5.2.0
Interchange::Link-1.9
Over a year ago Mike pinpointed what was preventing me from executing
CGI scripts such as that required by AWStats. I've taken a year off
from my business and the details have faded, but I believe it was
because of the nature of this block for Interchange::Link in
httpd.conf:
<Location />
SetHandler perl-script
PerlResponseHandler Interchange::Link
PerlOptions +GlobalRequest
PerlSetVar InterchangeServer /usr/local/interchange/etc/socket
PerlSetVar DropRequestList "/interchange-5 /favicon.ico /robots.txt
/_vti_bin/owssvr.dll /MSOffice/cltreq.asp"
PerlSetVar OrdinaryFileList "/catalog/images/"
</Location>
The solution had to do with setting up VirtualHost blocks inside
httpd.conf but I opted to ditch AWStats instead and I currently have
no VirtualHost blocks there at all. Could this have to do with my
inability to detect https?
- Grant
More information about the interchange-users
mailing list