[ic] Detecting a secure page
emailgrant at gmail.com
Sun Jun 11 13:28:41 EDT 2006
> > I don't know why but none of the
> > following work for me to detect a secure page:
> > [is-secure]
> > [env SERVER_PORT]
> > [if session shost]
> It would be interesting to know which setups prevent the global
> $CGI::secure from being set. That variable is used by various parts
> of the Interchange core which would not function as designed/expected
> if the $CGI::secure variable is not set correctly.
> By the way, $CGI::secure is set from the value of the "HTTPS" environment
> variable (HTTP request environment - not the shell environment).
> You should be able to see the HTTPS variable if you put [env] on a test
> page and call it using a https URI. You should also be able to see 1
> or 0 returned from my [is-secure] tag, if it's all working as expected.
[env HTTPS] returns nothing via http or https.
> Perhaps there's a "problem" with later Apache versions. Has the name
> of the "HTTPS" environment variable changed recently? I hope not, but
> we can deal with it easily enough if it has. I always use Apache 1.3
> and mod_interchange, and it all still works for me. Some version
> numbers and link program types would be useful from posters to this
Here's some version info:
Over a year ago Mike pinpointed what was preventing me from executing
CGI scripts such as that required by AWStats. I've taken a year off
from my business and the details have faded, but I believe it was
because of the nature of this block for Interchange::Link in
PerlSetVar InterchangeServer /usr/local/interchange/etc/socket
PerlSetVar DropRequestList "/interchange-5 /favicon.ico /robots.txt
PerlSetVar OrdinaryFileList "/catalog/images/"
The solution had to do with setting up VirtualHost blocks inside
httpd.conf but I opted to ditch AWStats instead and I currently have
no VirtualHost blocks there at all. Could this have to do with my
inability to detect https?
More information about the interchange-users