On a related note: When doing a secure post from a non-secure page, a new cfid and cftoken could wind up being generated if you are visiting with a Netscape browser (i.e. you lose state). On your form submission page, unless you take steps to solve the problem, NN users could have a new session. The form post works fine in IE.
I just had this happen to me yesterday. Hacked out a solution that passed the urltoken via the form post, and then reset cfid and cftoken to the original values on the post page. I think part of the problem lies with NN thinking cookies for 'abc.com' and 'www.abc.com' don't apply to one another. Not sure about that, though. I haven't fully researched this yet. If anyone has specifics please pass 'em along. --------------------------------------- Matt Robertson, MSB Designs, Inc. http://mysecretbase.com - Retail http://foohbar.org - ColdFusion Tools --------------------------------------- ---------- Original Message ---------------------------------- from: "charlie griefer" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] date: Fri, 15 Nov 2002 13:44:01 -0700 >Hello List: > >Company i work for is ready to start accepting credit cards online. I know >very little of e-commerce and ssl and all that good stuff. > >the bank said there were java and php modules that existed to do ssl posts, >so he's sure there must be a cf one as well. > >first question is...what is an ssl post? sounds to me like just posting a >form to an https address instead of an http address. is that incorrect? > >do i, in fact, need any special cf tags/code to do this? > >thanks, >charlie > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
