Rev CGI - transfer from http to https

Richard Miller wow at together.net
Sun Nov 2 07:35:31 EST 2008


Thanks, Andre. I'm still working with this, but you've given me the  
information I need.
Best,
Richard



On Nov 1, 2008, at 12:45 PM, Andre Garzia wrote:

> Richard,
>
> Post to your cgi using HTTPS. In your first form change the action of
> the form to a fully qualified url using HTTPS, then the answer from
> the cgi will be encrypted. Be aware that to use HTTP without raising a
> "possible danger" flag in the browser you need a blessed
> certification, you may need to buy one if your host does not provide
> you one.
>
> Other way is to use a session mechanism and answer the cgi with a
> simple html with a meta refresh header and then redirect to a secure
> page. This has the same limitations as the approach above and is
> harder to maintain, so I advise using the approach above before trying
> the meta redirect. I am just telling you this second solution because
> it is the only way a CGI response can change folders. For example your
> cgi is coming from www.mydomain.com but your secure stuff is on
> secure.mydomain.com, then a cgi running on the first domain, will only
> be able to redirect to the second if it uses a Http Header redirect or
> a Meta Refresh and sessions...
>
> cheers
> Andre
>
> On Sat, Nov 1, 2008 at 2:29 PM, Richard Miller <wow at together.net>  
> wrote:
>> This is probably simple to do, but I'm not familiar with the process.
>>
>> Let's say I have a simple unsecured html form page (i.e.  
>> http://..) which
>> captures, for example, a users desire to buy a given product. The  
>> form is
>> submitted to my Rev CGI program. The program then sends back a
>> dynamically-generated page which contains fields for capturing  
>> credit card
>> information. I want this page to be a secure page, though  
>> (https:). How do I
>> make this page come up as an https, since it was created on-the-fly?
>>
>> I already have a secure area of my web site, and I know I can  
>> easily have
>> the first page (the static form page) start off in this secure  
>> area. Then
>> everything that follows remains secure. But I prefer to have the  
>> first
>> static page be unsecure (http).
>>
>> Thanks.
>> Richard Miller
>> _______________________________________________
>> use-revolution mailing list
>> use-revolution at lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your  
>> subscription
>> preferences:
>> http://lists.runrev.com/mailman/listinfo/use-revolution
>>
>
>



More information about the use-livecode mailing list