On Sun, Aug 10, 2008 at 9:21 PM, John Campbell <[EMAIL PROTECTED]> wrote:
> On 8/10/08, Michael B Allen <[EMAIL PROTECTED]> wrote:
>> if ($scheme) {
>> header('Location: ' . rebuild_url_with_new_scheme($scheme));
>> exit();
>> }
>
>
> The code above won't always work because if the request is a post
> request, the post data will not get passed to the https url. I think
> the http spec says it is supposed to, but in reality the POST data is
> not sent to the redirected location. Maybe the thing to do is throw a
> 404 if post data is sent to a script that requires ssl.
True. But POST-ing while also transitioning between HTTP and HTTPS is
not terribly common.
> I would also use a 301 redirect in this case.
Why is that exactly? I think I agree with you, but I just want to make
sure I know why 301 would be better.
Mike
--
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
