Rev CGI - transfer from http to https
Andre Garzia
andre at andregarzia.com
Sat Nov 1 12:45:27 EDT 2008
Richard,
Post to your cgi using HTTPS. In your first form change the action of
the form to a fully qualified url using HTTPS, then the answer from
the cgi will be encrypted. Be aware that to use HTTP without raising a
"possible danger" flag in the browser you need a blessed
certification, you may need to buy one if your host does not provide
you one.
Other way is to use a session mechanism and answer the cgi with a
simple html with a meta refresh header and then redirect to a secure
page. This has the same limitations as the approach above and is
harder to maintain, so I advise using the approach above before trying
the meta redirect. I am just telling you this second solution because
it is the only way a CGI response can change folders. For example your
cgi is coming from www.mydomain.com but your secure stuff is on
secure.mydomain.com, then a cgi running on the first domain, will only
be able to redirect to the second if it uses a Http Header redirect or
a Meta Refresh and sessions...
cheers
Andre
On Sat, Nov 1, 2008 at 2:29 PM, Richard Miller <wow at together.net> wrote:
> This is probably simple to do, but I'm not familiar with the process.
>
> Let's say I have a simple unsecured html form page (i.e. http://..) which
> captures, for example, a users desire to buy a given product. The form is
> submitted to my Rev CGI program. The program then sends back a
> dynamically-generated page which contains fields for capturing credit card
> information. I want this page to be a secure page, though (https:). How do I
> make this page come up as an https, since it was created on-the-fly?
>
> I already have a secure area of my web site, and I know I can easily have
> the first page (the static form page) start off in this secure area. Then
> everything that follows remains secure. But I prefer to have the first
> static page be unsecure (http).
>
> Thanks.
> Richard Miller
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution
>
--
http://www.andregarzia.com All We Do Is Code.
More information about the use-livecode
mailing list