[ic] ExtraSecure and special_pages/violation

Thomas J.M. Burton tom at globalfocusdm.com
Wed Dec 30 18:44:41 UTC 2009

Jon Jensen wrote:
> On Thu, 17 Dec 2009, Thomas J.M. Burton wrote:
>> Upon further evaluation, it seems that the most appropriate solution to
>> this would be to revise lib/Vend/Page.pm and change the way that
>> AlwaysSecure pages are handled when ExtraSecure is enabled.
>> Specifically, that would be lines 105-109:
>>         if($Vend::Cfg->{ExtraSecure} and
>>                 $Vend::Cfg->{AlwaysSecure}->{$name}
>>                 and !$CGI::secure) {
>>                 $name = find_special_page('violation');
>>         }
>> Rather than sending users to the violation page in that situation,
>> shouldn't it be redirecting the requested URL via https? Unless
>> there's a reason for sending those requests to the violation page,
>> that would seem like the most efficient solution. Otherwise, the
>> checks performed in Page.pm would need to be repeated in the
>> violation page, which seems redundant and inefficient.
>> If changing Page.pm would be the appropriate solution, I'm not sure
>> of the most efficient way to do so.
> Good points.
> See the code for BounceReferrals in Vend::Dispatch for an example of
> how to redirect.
> Let me know if you get stuck on the coding.

Thanks for the pointers, Jon! I had a few other things I needed to tend
to and just got back to this.

Since I'm running IC v5.4.2, my server's Dispatch.pm doesn't have
BounceReferrals. I did look at the recent version through the GitHub
though and am wondering if the redirect method used in the
BounceReferrals code will work with v5.4.2 or not.

Also, am I correct that lines 1568 through 1591 would be what I'd want
to try using (or at least use as a starting point)?


Global Focus Digital Media, LLC


More information about the interchange-users mailing list