RE: Witango-Talk: HTTPS Filter

Tue, 30 Jul 2002 02:32:50 -0700 

The other way might be to force all the pages from which you are comming to
the central folder to https.

you can try calling an image on image onload and check if it is going to
https.if it is not going to https then you can force it to go to the error
page.

here in the example below
it tries to call the image call1.gif.if it is sucessfully able to call the
image in https then it calls the function actpage();
else
        it calls msgpage and redirects it to access denied page.

You can actually have a branch action calling this particular taf file


<html>
<head>
<script Language=JavaScript>
<!--
   function actpage()
   {
        top.location.href =
"https://xxx.xxx.xxx.xx/welcometocentralfileserver.taf?userReference=<@USERR
EFERENCE>";
   }

   function msgpage()
   {

        top.location.href =
"http://xxx.xxx.xxx.xx/accessdenied.taf?userReference=<@USERREFERENCE>";
   }

</script>
<title>Testing Browser for 128bit cipher strength</title>
</head>
<body bgcolor="#FFFFFF">
<p><img src="https://xxx.xxx.xxx.xx/gif/call1.gif"; WIDTH=1 HEIGHT=1
onLoad="actpage();" onError="msgpage();"><br></p>
</body>
</html>


hope this helps!

cheers
Prasad

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Jess Parker
Sent: Monday, July 29, 2002 11:05 PM
To: Multiple recipients of list witango-talk
Subject: Re: Witango-Talk: HTTPS Filter


It's not very secure, but you could check <@CGIPARAM SERVER_PORT> to see
if it's 443.

It's probably safer to configure your webserver not to serve files out of
the directory.  You can probably set up your webserver to redirect HTTP
requests to HTTPS for specific directories.

On Mon, 29 Jul 2002, Lawrence Reeve wrote:

> Hello,
>
> Is there a way to use Tango to check that a url is coming through
> https? I don't want anyone accessing some files in a common directory
> unless the connection is SSL.
>
> MacOS9, WebStar 4.4, Tango 2000 SP1
> --
> Lawrence Reeve
> [EMAIL PROTECTED]
> 650 604 4529
> ________________________________________________________________________
> TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED]
>                 with unsubscribe witango-talk in the message body
>

________________________________________________________________________
TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED]
                with unsubscribe witango-talk in the message body


________________________________________________________________________
TO UNSUBSCRIBE: send a plain text/US ASCII email to [EMAIL PROTECTED]
                with unsubscribe witango-talk in the message body

Reply via email to