e lundi 26 novembre 2012 à 09:05 +0100, André Warnier a écrit :
> Vincent Veyron wrote:
> > Le samedi 24 novembre 2012 à 16:58 +0100, André Warnier a écrit :
> >
> >> Is there somewhere a "is_secure()" or something which provides that ?
> >> Or can I rely on the presence/absence of some request header ?
> >>
> >
> >
> > Apache's mod_rewrite has the HTTPS RewriteCond directive, which I use to
> > enforce https access on a site like so:
> >
> > RewriteCond %{HTTPS} off
> >
> > RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
> >
> > May be you can use this to mark the request somehow?
> >
>
> My problem is slightly different : I don't need to "enforce" HTTPS on the
> requests which I
> proxy; I need to determine if the incoming request was made via HTTPS.
>
> But your tip above actually pointed to something which may be of use to me :
> in
>
> http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewritecond
>
> there is apparently a "server variable" HTTPS which can be tested in a
> RewriteCond, and
> which looks just like what I need :
>
> HTTPS
Well, that's precisely what I was pointing at.
> Will contain the text "on" if the connection is using SSL/TLS, or "off"
> otherwise.
> (This variable can be safely used regardless of whether or not mod_ssl is
> loaded).
>
> Now I just have to find out how I can actually access such a "server
> variable" inside a
> mod_perl handler. But that should be a breeze, considering the nice online
> mod_perl
> documentation, right ?
You don't need to. Just write something like :
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}?ssl=off
and parse the query string in your handler for the ssl parameter with
$req->param
> Let's see if I can beat Torsten to it..
>
>
>
--
Vincent Veyron
http://marica.fr/
Logiciel de gestion des assurances sinistres et des dossiers contentieux pour
le service juridique
