www.webdeveloper.com
Results 1 to 4 of 4

Thread: .asp to force a site from http to https

  1. #1
    Join Date
    Jan 2007
    Posts
    1

    Question .asp to force a site from http to https

    Hi
    I have a problem

    I am currently using .asp to force a site from http to https. When the page is hit, it checks if the port is https. If not it rebuilds the page url and redirects to it. See below:
    ---------------------------------------------
    If Request.ServerVariables("SERVER_PORT") <> 443 Then 'this should only happen when coming from showpolicy page.
    Dim strSecureURL

    strSecureURL = "https://"
    strSecureURL = "http://"
    strSecureURL = strSecureURL & Request.ServerVariables("SERVER_NAME")
    strSecureURL = strSecureURL & Request.ServerVariables("URL") strSecureURL= strSecureURL & "?" & request.servervariables("query_string")

    Response.Redirect strSecureURL
    End If
    -----------------------------------------------

    The problem with this is that when i do the force from http to https when a form submission has been made i am losing the posted form data during the redirect.

    Is it possible to configure IIS so that it knows which pages in a site must be run in SSL so it does the force itself without losing the posted form data?

    Thanks!

    DTM

  2. #2
    Join Date
    Feb 2003
    Posts
    2,745
    yes, can let it only listen on 443, have a one page site listening on 80 that has one line in that one page redirecting to https. or via script, can include your script on every page, thus ensuring the form is presented over 443. or, can put absolute path in action of form -- instead of action="myFile.asp" say action="https://mysite.com/myFile.asp"

  3. #3
    Join Date
    Feb 2003
    Posts
    2,745
    i mis-read your post. as far as i know, cant tell iis to ensure only certain pages are served only over 443.

    in a larger site, it is common to have most pages on 80 and the few critical input pages over 443.

    what i do is make sure all the links are correct (https vs http) and use a script similar to yours on the form pages -- in other words, make sure to catch it b4 they submit.

    if u have a QA department, this should be one of the things they check religiously...

  4. #4
    Join Date
    Jan 2007
    Posts
    2
    how do i get traffic to a new website.i am just getting started.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles