[ic] Detecting a secure page
Kevin Walsh
kevin at cursor.biz
Sun Jun 11 14:43:03 EDT 2006
Grant <emailgrant at gmail.com> wrote:
> > By the way, $CGI::secure is set from the value of the "HTTPS" environment
> > variable (HTTP request environment - not the shell environment).
> >
> > You should be able to see the HTTPS variable if you put [env] on a test
> > page and call it using a https URI. You should also be able to see 1
> > or 0 returned from my [is-secure] tag, if it's all working as expected.
> >
> [env HTTPS] returns nothing via http or https.
>
Try just putting [env] on the page and see what else is available.
Interchange relies upon $CGI::secure in various places, so this
will need to be fixed.
> >
> > Perhaps there's a "problem" with later Apache versions. Has the name
> > of the "HTTPS" environment variable changed recently? I hope not, but
> > we can deal with it easily enough if it has. I always use Apache 1.3
> > and mod_interchange, and it all still works for me. Some version
> > numbers and link program types would be useful from posters to this
> > thread.
> >
> Here's some version info:
>
> apache-2.0.55-r1
> mod_perl-2.0.2
> interchange-5.2.0
> Interchange::Link-1.9
>
It would be interesting to see what environment variables you do get
from [env] and which of the above packages causes the HTTPS variable
to not get set in the environment for secure pages. A package and
version comparison with others who have the same problem will help
here.
I don't use any of the above versions, by the way.
>
> The solution had to do with setting up VirtualHost blocks inside
> httpd.conf but I opted to ditch AWStats instead and I currently have
> no VirtualHost blocks there at all. Could this have to do with my
> inability to detect https?
>
I don't know, but I doubt it.
--
_/ _/ _/_/_/_/ _/ _/ _/_/_/ _/ _/
_/_/_/ _/_/ _/ _/ _/ _/_/ _/ K e v i n W a l s h
_/ _/ _/ _/ _/ _/ _/ _/_/ kevin at cursor.biz
_/ _/ _/_/_/_/ _/ _/_/_/ _/ _/
More information about the interchange-users
mailing list