HTTP vs HTTPS

Discussion in 'ASP .Net' started by Hai Nguyen, Feb 19, 2004.

  1. Hai Nguyen

    Hai Nguyen Guest

    Hi everyone !!

    I have a web application deloped on a web server. I have site A and site B
    both have link to this application. I want to check the URL from A and B.
    If it's correct with my allowed URL then I will let them advance. There is a
    sittuation occurs. Application A use HTTP and application B use HTTPS. I use
    Uri RemoteURL = Request.UrlReferrer to check if the URL is really from site
    A and site B and then match with my allowed string. Site A can pass the
    check point but B.

    I was wondering since B use HTTPS therefore it could not go through

    I may ask unclear. Help me if you can

    Thanks
     
    Hai Nguyen, Feb 19, 2004
    #1
    1. Advertising

  2. "Hai Nguyen" <> wrote in
    news::
    > is really from site A and site B and then match with my allowed string.
    > Site A can pass the check point but B.
    >
    > I was wondering since B use HTTPS therefore it could not go through


    You mean that A to B works but not B to A?

    Then yes - SSL has a lot of restrictions specifically related to security.


    --
    Chad Z. Hower (a.k.a. Kudzu) - http://www.hower.org/Kudzu/
    "Programming is an art form that fights back"
     
    Chad Z. Hower aka Kudzu, Feb 19, 2004
    #2
    1. Advertising

  3. A browser is forbidden to pass a HTTPS URL in the referrer to a non HTTPS
    server.

    Also note that the referrer header is completely insecure. I can hit your
    URL and pass up any referer I want.

    --
    Thanks,

    Eric Lawrence
    Program Manager
    Assistance and Worldwide Services

    This posting is provided "AS IS" with no warranties, and confers no rights.

    "Hai Nguyen" <> wrote in message
    news:...
    > Hi everyone !!
    >
    > I have a web application deloped on a web server. I have site A and site B
    > both have link to this application. I want to check the URL from A and B.
    > If it's correct with my allowed URL then I will let them advance. There is

    a
    > sittuation occurs. Application A use HTTP and application B use HTTPS. I

    use
    > Uri RemoteURL = Request.UrlReferrer to check if the URL is really from

    site
    > A and site B and then match with my allowed string. Site A can pass the
    > check point but B.
    >
    > I was wondering since B use HTTPS therefore it could not go through
    >
    > I may ask unclear. Help me if you can
    >
    > Thanks
    >
    >
     
    Eric Lawrence [MSFT], Feb 20, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. aftab

    HTTP to HTTPS

    aftab, Sep 28, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    3,387
    Leon Mayne [MVP]
    Oct 3, 2004
  2. Raymond Tam

    HTTPS to HTTP

    Raymond Tam, Aug 5, 2003, in forum: ASP .Net
    Replies:
    3
    Views:
    576
    Marco Scheel
    Aug 6, 2003
  3. Axel
    Replies:
    8
    Views:
    1,100
    Adrienne Boswell
    Apr 27, 2009
  4. jotto
    Replies:
    4
    Views:
    392
    jotto
    Oct 2, 2006
  5. Naveen Dhanuka
    Replies:
    1
    Views:
    286
Loading...

Share This Page