redirect from https to http w/o security warning

G

Guest

I'm sending users to a secure page https to fill out a registration form.
When they're done I show a thank you page. I need to return the user to http
mode after filling out the form.

If I use response.redirect I get a security warning when transitioning from
https to http. Is there an accepted way to avoid having the user see this?

Thanks.
 
S

Swanand Mokashi

Have you tried using Server.transfer instead? that way the url may remain
the same and you will not have the issue.


--
Swanand Mokashi
Microsoft Certified Solution Developer (.NET) - Early Achiever
Microsoft Certified Application Developer (.NET)

http://www.dotnetgenerics.com/
DotNetGenerics.com -- anything and everything about Microsoft .NET
technology ...

http://www.swanandmokashi.com/
http://www.swanandmokashi.com/HomePage/WebServices/
Home of the Stock Quotes, Quote of the day and Horoscope web services
 
G

Guest

No that will only delay the ineviteable, as they can choose other pages from
the main navigation which don't use transfer or redirect.
 
S

Swanand Mokashi

Ok -- I thought you just needed it for this page.

The warning message when you move from https to http is by design on the
browser. You don't want to override that behavior

--
Swanand Mokashi
Microsoft Certified Solution Developer (.NET) - Early Achiever
Microsoft Certified Application Developer (.NET)

http://www.dotnetgenerics.com/
DotNetGenerics.com -- anything and everything about Microsoft .NET
technology ...

http://www.swanandmokashi.com/
http://www.swanandmokashi.com/HomePage/WebServices/
Home of the Stock Quotes, Quote of the day and Horoscope web services
 
J

Jeff Dillon

I've seen many websites that allow you to go from https to http without the
popup.
 
J

Juan T. Llibre

That's because they don't include both secure and non-secure items in the same page.

The warning is only sent when both secure
and non-secure items are included in the same page.
 
A

april198474

Joined
Sep 17, 2009
Messages
4
Reaction score
0
redirect https to http without warning

Should do for https to http
Quote:RewriteEngine On
RewriteCond %{SERVER_PORT} !^80$
RewriteRule ^.*$ http: //%{SERVER_NAME}%{REQUEST_URI} [L,R]

But keep in mind that anyway all users will get the cert warning if it does not fit a known CA, or it is invalid, or it does not fit the hostname etc. anyway. Only _after_ establishing the ssl conn the rewrite request will be processed.

Also this config needs to be done for every user (afaik you can not set those rewrite rules for all vhosts from a global base?!)



__________________________

April198474

Free chat software for you
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Auto redirect http to https 1
http to https redirect 4
Redirect From https to http 2
http to https redirect 4
Avoid security warning when switch from pageA(https) to PageB (http). 0
security warning with https 5
Trying to figure out http request POST phrasing 1
switching between https and http 0

Members online

Total: 31 (members: 1, guests: 30)
Robots: 639

Forum statistics

Threads
473,769
Messages
2,569,582
Members
45,057
Latest member
KetoBeezACVGummies

Latest Threads

Top