Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / .NET Framework / New Users / October 2004

Tip: Looking for answers? Try searching our database.

HTTP to HTTPS

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
aftab - 28 Sep 2004 07:15 GMT
Hi,
   I have a problem, I have been doing a website and it
   needs to be made secure, so we have installed versign
   in the webserver.
   Now the problem is I have a set of .aspx pages which i
   will transfer data from page to another page using
   server.transfer.

   To change the protocol from http to https i just
   parse with replace function like the one below
      str_REFERRER = Replace(Request.ServerVariables("HTTP_REFERER"),
"Travel_Info.aspx", "")

If str_REFERRER <> "" Then

       str_REFERRER = Replace(str_REFERRER, "http://", "https://")

       str_REFERRER = Replace(str_REFERRER, "User_Entry.aspx?TXR=GRE", "")

       Response.Redirect(str_REFERRER + "Details.aspx?" + str)

end if

I have used Response.redirect to do this but when i use response.redirect
the Form data  like text box values,context.items etc. cannot be transferred
except

if we use server.transfer then the transfer of values is  possible but it
gives error saying "INVALID CHILD REQUEST...." error when

i change the protocol to https with server.transfer

server.transfer(https://www.mysite.com/details.aspx) is not possible?

pls give me solution of how to use server.transfer with https protocol so
that all my form values also get transfer.
Reply to this Message
Jonathan Allen - 28 Sep 2004 23:08 GMT
1. You need to redirect them to the secure page BEFORE they fill in the
form. If you wait until they hit the ok/save/continue button, it is too
late.

2. Request.Redirect never saves form data. It tells the browser to stop what
it is doing an go to the new page.

Signature

Jonathan Allen

> Hi,
>     I have a problem, I have been doing a website and it
[quoted text clipped - 32 lines]
> pls give me solution of how to use server.transfer with https protocol so
> that all my form values also get transfer.
Reply to this Message
Leon Mayne [MVP] - 03 Oct 2004 19:21 GMT
It's best to start from a secure page in the first place so that all
redirects can be left relative and will be secure. If you're worried about
users visiting pages without SSL then you can set a directory to require SSL
by configuring it in the IIS snap-in:

1) Right click on the virtual directory you want to protect and click
'properties'
2) Select the 'directory security' tab
3) Under 'secure communications' click 'edit'
4) Make sure 'Require secure channel (SSL)' is checked

If users then try to access your pages using http:// they will get an error
telling them to use https:// instead.
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.