Not necessarily. I could easily set up any virtualhost on port 443 which
will be accessable by https://nasty.servername/ but will, in reality, not
necessarily be over a secure connection. $ENV{HTTPS}, on the other hand, is
set by mod_ssl, and is therefore a better sign to know that the connection
is really secure.
Issac
Internet is a wonderful mechanism for making a fool of
yourself in front of a very large audience.
--Anonymous
Moving the mouse won't get you into trouble... Clicking it might.
--Anonymous
PGP Key 0xE0FA561B - Fingerprint:
7E18 C018 D623 A57B 7F37 D902 8C84 7675 E0FA 561B
----- Original Message -----
From: "Geoffrey Young" <[EMAIL PROTECTED]>
To: "'João Pedro Gonçalves'" <[EMAIL PROTECTED]>; "brian moseley"
<[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, July 10, 2001 14:33
Subject: RE: detecting ssl
>
>
> > -----Original Message-----
> > From: João Pedro Gonçalves [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, July 10, 2001 9:08 AM
> > To: brian moseley
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: detecting ssl
> >
> >
> > This approach should be ok:
> >
> > my $s = $r->lookup_uri($r->uri);
> > my $ssl = $s->subprocess_env('HTTPS');
> >
> > I looked at this a while back and this is usually set internally
> > in apache by the ssl implementation.
>
> no need to do a lookup or rely on PerlSetupEnv On I wouldn't think...
>
> my $ssl = Apache::URI->parse($r)->scheme =~ m/^https/;
>
> ?
>
> --Geoff
>
