Solved

redirect to https with in global.asa??

Posted on 2002-03-26
9
1,301 Views
Last Modified: 2008-03-03
Hi all.

Is it possible within my global.asa to specify that if my visitors are not on my https that they get shunted to it?

For example, if someone types in to their browser (or gets sent by a search engine) to mydomain.com, how can I redirect them to https://www.mydomain.com?

I'm NOT looking to put a response.redirect on each page, please.

Thanks!
0
Comment
Question by:ClassyLinks
  • 5
  • 3
9 Comments
 
LVL 46

Expert Comment

by:fritz_the_blank
Comment Utility
Define a variable in the Application_OnStart like this:

     Application.Contents("SecureURL") = "https://www.yoursite.com"

You can then call all of your pages like:

<a href="<% =Application("SecureURL") %>/pages/yourpage.asp">
0
 
LVL 7

Author Comment

by:ClassyLinks
Comment Utility
Hi fritz.

So.....If I code all my links like that, it won't start a new session?

For example, if they are at http://mysite.com and they click a link to https://mysite.com a new session would start.  But if they were already at https://mysite.com and clicked on a linke for https://mysite.com/page2.asp a new session would not start??

Am I confusing myself??
0
 
LVL 46

Expert Comment

by:fritz_the_blank
Comment Utility
I am not sure that I follow. The idea is that there will be only one session per user if you do it this way. However, you'll still want to redirect your user if they don't land immediately on the secure site. You can use the server variables collection to verify that the first letters of the current URL are https, otherwise, redirect to "<% =Application("SecureURL") %>/pages/yourpage.asp"

Fritz the Blank
0
 
LVL 7

Author Comment

by:ClassyLinks
Comment Utility
I think you just confirmed it.  Only one session per user.

GREAT!
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 5

Accepted Solution

by:
funke earned 100 total points
Comment Utility
Use this logic

'SECURE PAGE SETTINGS
'----------------------------------------------------------------
If Request.ServerVariables("HTTPS") = "on" Then
   'DO NOTHING
Else
   Response.Redirect "https://" & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("PATH_INFO") & "?" & Request.ServerVariables("QUERY_STRING")
     
End If
'----------------------------------------------------------------
0
 
LVL 7

Author Comment

by:ClassyLinks
Comment Utility
funke....can that go in the global.asa?
0
 
LVL 46

Expert Comment

by:fritz_the_blank
Comment Utility
ClassyLinks,

You might try putting Funke's code in an include file and place it at the top of each page.

Fritz the Blank
0
 
LVL 7

Author Comment

by:ClassyLinks
Comment Utility
ok...getting closer......now how do I ditch that security error

"This page contains non-secure items"

Pop's up on every page.
0
 
LVL 7

Author Comment

by:ClassyLinks
Comment Utility
AHA!  Figured it out.  Had to get rid of my Human Click button.

Works beautifully.

Points to funke on this one.

50pts to you Fritz for helping out!  Check the ta.

Thanks!
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now