Make a link https without full url?

[ZeratulsDomain]

I am using relative paths for my URL's, so
<a href="somefile.php">somefile</a>

My domain can be access by
http://mydomain.com
http://www.mydomain.com
https://mydomain.com
https://www.mydomain.com

So without always specifying the entire URL, how can I make a link HTTPS and other links regular HTTP?

In other words if im on an HTTPS page, I do not want my relative path links to also be HTTPS (id rather it only be the registration page). On top of that, if I include the entire URL then it may send the user to the www version or virse-versa <- and if I changed the domain name it would be a nightmare)

So I guess what im asking is how can I make a page HTTPS without specifying the entire URL?

[George88]

On the target page you can use something like:

PHP Code:

if($_SERVER['HTTPS'] != "on")
{
    $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header("Location: $redirect");
} 


This will force the page to become HTTPS. You can also alter the condition and force HTTP.

[svidgen]

On the target page you can use something like:

PHP Code:

if($_SERVER['HTTPS'] != "on")
{
    $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header("Location: $redirect");
} 


This will force the page to become HTTPS. You can also alter the condition and force HTTP.

This is a good solution if you're not concerned about sending the initial request in plain text. My recommendation would be run everything over SSL: install the above in all pages (in your template or whatever) and use relative links for everything.

No need to worry about switching between HTTP and HTTPS. You drastically reduce the odds of leaking a session cookie or set of credentials through a random insecure request. And the overhead of performing the encryption is far less significant than it used to be.

[absolutmgd13]

you should just be able to use '//' without 'https:'. for example: //webdeveloper.com.