Hi Mark
Mark Stosberg wrote:
Dan,
... I have a few questions about these requirements:
* If the param 'require_ssl' is present in the instance script,
everything accessed through it will be protected.
* If the subroutine attribute 'RequireSSL' is used, an individual
runmode will be protected.
* If the param 'rewrite_to_ssl' is present, any run modes that are
labeled as 'RequireSSL' (or all run modes if the param
'require_ssl' is present) that are accessed as non-SSL will be
redirected to the same run mode but as HTTPS.
I'm not sure I understand what is meant by "protected." Does this mean
an error is raised if standard HTTP is used when HTTPS is required?
Some will want an error, others will want an auto-redirect. The smart
default seems to be to redirect if you can, throw an error if you
can't.
Whoops, I may have jumped the gun here. I didn't think anyone was going
to reply to my email and as my project's under severe time pressure, I
went ahead and wrote the plugin as I interpreted the requirements - i.e.
redirect if requested in the params, die otherwise.
Since it's now on CPAN, it'd be great if you could review the POD and
let me know if you'd like any changes before people start using it - if
that's not bad etiquette. Very sorry about this,
Dan
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/[email protected]/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
