Redirect strategies for coping with IE7

viktoras d. viktoras at ekoinf.net
Sat Jan 31 06:51:26 EST 2009 

Hi, Richard,

try using server side includes (ssi/shtml). For example this is a simple 
menu system where the same ssi template inserts different contents based 
on url clicked by user. URL should look like this 
http://my.site.net/ssi_page.shtml?target

<!--#if expr="$QUERY_STRING=''" -->/*if query string is empty, including 
contents from file called "intro"*/
<!--#include file="intro" -->
<!--#else -->/*else include file whose name is specified by target*/
<!--#include file="$QUERY_STRING" -->
<!--#endif -->

your target might be password or username as well and for each case you 
can specify include file manually, not necessary using parameter 
submitted in $QUERY_STRING. Mix the ssi directives with html  of webpage 
and this way you can include anything- ordinary text, contents of other 
web page, graphics, different css stylesheets, javascripts, etc:

<!--#if expr="$QUERY_STRING=/intro/ "   --> boo1.gif
<!--#elif expr="$QUERY_STRING=/portfolio/ "   -->portfelis.gif
<!--#elif expr="$QUERY_STRING=/partners/ "   -->partneriai.gif
<!--#elif expr="$QUERY_STRING=/research/ "   -->mokslas.gif
<!--#elif expr="$QUERY_STRING=/personali/ "   -->profilis.gif
<!--#elif expr="$QUERY_STRING=/contact/ "   -->kontaktai.gif
<!--#else -->paslaugos.gif<!--#endif -->

Now adding os and browser detection to the first example with inclusion 
of different contents:
<!--#if expr="$QUERY_STRING=''" -->/*if query string is empty, including 
contents from file called "intro"*/
<!--#include file="intro" -->
<!--#else -->/*else include file whose name is specified by target*/
     <!--#if expr="$HTTP_USER_AGENT = /Windows/ && $HTTP_USER_AGENT = 
/MSIE/" -->
    Windows and MS I.E zone
    <!--#include file="secret_folder/windz_msie.html" -->
    <!--#elif expr="$HTTP_USER_AGENT = /Linux/ && $HTTP_USER_AGENT = 
/Gecko/" -->
    Linux Netscape/Mozilla zone
    <!--#include file="other_secret_folder/linx_moz.html" -->
    <!--#else -->
   Other OS/browser combination zone:
   <!--#include file="another_secret_folder/otheroz_boo.html" -->
    <!--#endif -->
<!--#endif -->

And finaly put current year string into your copyright notice:
Copyright <!--#config timefmt="%Y" --><!--#echo var="DATE_LOCAL" --> 
CompanyName

It is also possible to hide the technology in use by adding some funny 
extension to .htaccess file of the directory with ssi pages:
AddType text/html .run
AddHandler server-parsed .run
DirectoryIndex index.run

Now instead of .shtml you can use .run extension and no one knows what 
technology hides behind your pages :-).

Also (alternative), you can detect os/browser and secret url strings 
using .htaccess only, but this is a bit more complicated comparing to 
ssi. For example the following will redirect to different pages based on 
browser in use:
Options +FollowSymLinks
RewriteEngine  on
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^Opera.*
RewriteRule ^$ /index_mozmsie.html [L]

RewriteCond %{HTTP_USER_AGENT} ^Lynx.*
RewriteRule ^$ /high_accessibility.shtml [L]

RewriteRule ^$ /high_accessibility.shtml [L]

In this example mozilla/opera/msie requests are redirected to 
index_mozmsie.html and lynx users - to high_accessibility.shtml. If user 
is not clear (e.g. mobile phones) it redirects to 
high_accessibility.shtml page again.

And if you add something like to the .htaccess:
RewriteCond %{HTTP_HOST} ^www.othersite.org [NC]
RewriteRule ^(.*)$ http://mysite.org/alternative_index.shtml [L]

then all requests to http://www.othersite.org on your server will be 
redirected to http://mysite.org/alternative_index.shtml

Best wishes!
Viktoras


Richard Gaskin wrote:
> I have some content which I want protected against most visitors to my 
> site, but some I want to grant access.
>
> htaccess would seem the logical route, but I also want to provide a 
> zero-login option for those people I want to grant access.
>
> For the non-Microsoft world I could provide a URL with the htaccess 
> login and password embedded:
>
>   http://user:pass@domain.com/content/
>
> But IE7 doesn't allow URLs with embedded passwords. :(
>
> I've tried a CGI that does its own authentication and then redirects, 
> but even redirecting to a URL like the one above with an embedded 
> password is not allowed with IE.
>
> How can I protect that directory and also provide access to the folder 
> for those I give a login and password to, without requiring them to 
> manually log in each time?
>
> -- 
>  Richard Gaskin
>  Fourth World
>  Revolution training and consulting: http://www.fourthworld.com
>  Webzine for Rev developers: http://www.revjournal.com
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your 
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution
>

More information about the use-livecode mailing list