[ic] Detecting a secure page

Kevin Walsh kevin at cursor.biz
Fri Jun 16 14:36:25 EDT 2006

Grant <emailgrant at gmail.com> wrote:
> I tested the new patch and I'm very happy to report it is working
> great.  It does not seem to cause any problems with my store, the
> extra ENV variables are being set, and HTTPS detection is working
> great.  I still can't use [if session shost] but the other methods of
> detection are working.  Thank you very much for fixing
> Interchange::Link and I suggest the changes are merged with the
> Link.pm in CVS.
[if session shost] will only be set if the user has cookies switched
off.  The variable probably isn't a lot of use to you anyway;  It does
NOT indicate whether the current request was posted via SSL.

I'll get the patch into CVS later, if no problems are reported today.

> Racke mentions here:
> http://www.icdevgroup.org/pipermail/interchange-users/2002-October/028244.html
> that "querying CGI::secure fails sometimes" so he evaluates the HTTPS
> ENV variable directly.  I guess I'll go ahead and do that.  Any reason
> I shouldn't?
$CGI::secure is set from HTTPS.  If one is set then the other should be
set as well.  I don't know what Racke meant by "sometimes".  Perhaps it's
a case of "available on some setups but not on others."  It's quite
serious for $CGI::secure to not be set, as it's used in several places
within Interchange.  I'd advise you to stick with $CGI::secure and report
any problems.  I've never had a problem with it.

   _/   _/  _/_/_/_/  _/    _/  _/_/_/  _/    _/
  _/_/_/   _/_/      _/    _/    _/    _/_/  _/   K e v i n   W a l s h
 _/ _/    _/          _/ _/     _/    _/  _/_/    kevin at cursor.biz
_/   _/  _/_/_/_/      _/    _/_/_/  _/    _/

More information about the interchange-users mailing list