On 6/2/06, William Scott Jordan <[EMAIL PROTECTED]> wrote:
For the most part, this just means that we need to change the style sheet and use Company X's URL instead of our own.
What I'm leaning toward doing is grabbing the Host from the HTTP headers and using that to dictate which style sheet is delivered. Are there any inherent risks with controlling things this way?
Not really. Truly ancient pre-historic browsers won't send a Host: header, but they wouldn't llikely know how to render the stylesheet anyway. So practically speaking, I can't think of any risks.
And then the bigger question is, is there any way to tell AOLserver which SSL cert to use, based on the host information?
Here you'll have a problem. The SSL handshaking (and exchange of certs) occurs before AOLserver receives the HTTP request, so there is no way to introspect the header and pick the appropriate SSL cert. In this case you'll need a unique IP/cert pair.
Any advise on this would be greatly appreciated.
Michael -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
