In my appController I plan to check if a secure controller/action is being referred to, and if so, redirect to https (assuming we are not already https).
Similiarly, if a nonsecure controller/action is being referred to (excluding webroot), I plan to redirect to http (assuming we are not already http). This way I am in https for the minimum amount of time. Does this make sense? Or, is it better to just put the entire site in https? Does switching in and out of https incur any significant performance overhead? Will (cake) sessions survive from https to http and back? Can anyone forsee any gotchas with form submission, or other? Thanks. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
