Why don't you just leave them in https? Is this a performance issue? -----Original Message----- From: CPT John W. Holmes [mailto:[EMAIL PROTECTED] Sent: Thursday, March 13, 2003 9:07 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [PHP] http->https->http redirection causes browser to show alert dialog
> I have a login page with a form where users enter there login and > password. The form's action is "https://mysite.com/login.php";. > > login.php authenticates the user and if the authentication is successful > it ends with a: > > header("Location: http://mysite.com/welcome.html?a=b&c=etc...";); > > The problem I am facing is that the flow of event is: > > http -> https -> http > > and this causes IE and Netscape to put up an alert box telling > users that they are leaving a secured site. > > The IE messages is: > > "You are about to be redirected to a connection that is not secure. The > information you are sending to the current site might be retransmitted > to a non-secure site. Do you wish to continue?" > > I only want to use HTTPS for the parts of my web site that actually need > it and nothing else. The way I have things set up now I receive the > data through HTTPS, use it, and then put the user back on a "regular" > HTTP connection since I don't need https anymore. But I get browsers > throwing up these warnings .... > > Is there a way around this? The messages are annoying at best and > probably scary to users ... You'll have to output a message on the HTTPS page, like "Thank you, click here to continue", otherwise there's no way around the message. It's a client side issue, other browsers may or may not do it. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
