Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

redirect to https with in global.asa??

Posted on 2002-03-26
9
Medium Priority
?
1,422 Views
Last Modified: 2008-03-03
Hi all.

Is it possible within my global.asa to specify that if my visitors are not on my https that they get shunted to it?

For example, if someone types in to their browser (or gets sent by a search engine) to mydomain.com, how can I redirect them to https://www.mydomain.com?

I'm NOT looking to put a response.redirect on each page, please.

Thanks!
0
Comment
Question by:ClassyLinks
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6896495
Define a variable in the Application_OnStart like this:

     Application.Contents("SecureURL") = "https://www.yoursite.com"

You can then call all of your pages like:

<a href="<% =Application("SecureURL") %>/pages/yourpage.asp">
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896545
Hi fritz.

So.....If I code all my links like that, it won't start a new session?

For example, if they are at http://mysite.com and they click a link to https://mysite.com a new session would start.  But if they were already at https://mysite.com and clicked on a linke for https://mysite.com/page2.asp a new session would not start??

Am I confusing myself??
0
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6896585
I am not sure that I follow. The idea is that there will be only one session per user if you do it this way. However, you'll still want to redirect your user if they don't land immediately on the secure site. You can use the server variables collection to verify that the first letters of the current URL are https, otherwise, redirect to "<% =Application("SecureURL") %>/pages/yourpage.asp"

Fritz the Blank
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896644
I think you just confirmed it.  Only one session per user.

GREAT!
0
 
LVL 5

Accepted Solution

by:
funke earned 400 total points
ID: 6896663
Use this logic

'SECURE PAGE SETTINGS
'----------------------------------------------------------------
If Request.ServerVariables("HTTPS") = "on" Then
   'DO NOTHING
Else
   Response.Redirect "https://" & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("PATH_INFO") & "?" & Request.ServerVariables("QUERY_STRING")
     
End If
'----------------------------------------------------------------
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896690
funke....can that go in the global.asa?
0
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6896761
ClassyLinks,

You might try putting Funke's code in an include file and place it at the top of each page.

Fritz the Blank
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896862
ok...getting closer......now how do I ditch that security error

"This page contains non-secure items"

Pop's up on every page.
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896892
AHA!  Figured it out.  Had to get rid of my Human Click button.

Works beautifully.

Points to funke on this one.

50pts to you Fritz for helping out!  Check the ta.

Thanks!
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:   The Exchange of informatio…
Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question