[FX.php List] [OFF] https per page?

Joel Shapiro jsfmp at earthlink.net
Mon Dec 7 18:44:09 MST 2009 

Hi again

Having full https... links makes it difficult to have a copy of the  
site on my development machine and be able to just copy pages over to  
the client's server (href="https://localhost/login.php" vs href="https://client.com/login.php 
")

Using the php script from that link below seems to work really well.

Can anybody see any reasons why it might be a bad/unsafe idea to use  
it?  This way, I can keep all my links relative, and the login and  
checkout pages will still *always* be https.

<?php
if ($_SERVER['SERVER_PORT']!=443)
{
$url = "https://". $_SERVER['SERVER_NAME'] . ":443". 
$_SERVER['REQUEST_URI'];
header("Location: $url");
}
?>

(I suppose I could use a variable for the domain with https links, but  
I kinda like this script)

-Joel


On Dec 7, 2009, at 4:45 PM, Joel Shapiro wrote:

> Thanks everybody
>
> It's good to hear that SSL doesn't really slow things down too  
> much.  I think I'll make the links to the login & checkout pages  
> full https... links, and then let users stay in https via relative  
> links to other pages on the site.
>
> FWIW: I had been thinking of checking in the PHP, via something like  
> this:
> <http://www.iis-aid.com/articles/how_to_guides/three_methods_redirect_http_https 
> >
>
> Best,
> -Joel
>
>
>
> On Dec 7, 2009, at 4:29 PM, Troy Meyers wrote:
>
>>> ...The thing about loading the page (say from a menu link) under  
>>> https is
>>> that the user could come from anywhere...
>>
>> On our site I use a Rewrite Rule to force every page to be https  
>> regardless of how it's approached.
>>
>> When we switched to this there was no noticeable slowdown. For us  
>> it's a good idea because every page has a little log in box (just  
>> so you can log in from any page an stay on the same page) and some  
>> users want their username prefilled in the box, and I don't want to  
>> be sending anything like that out in the clear. AND, as Bob said,  
>> people seem to like that "warm feeling" of already being secure.
>>
>> -Troy
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list

More information about the FX.php_List mailing list