Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

redirect to https with in global.asa??

Posted on 2002-03-26
9
Medium Priority
?
1,450 Views
Last Modified: 2008-03-03
Hi all.

Is it possible within my global.asa to specify that if my visitors are not on my https that they get shunted to it?

For example, if someone types in to their browser (or gets sent by a search engine) to mydomain.com, how can I redirect them to https://www.mydomain.com?

I'm NOT looking to put a response.redirect on each page, please.

Thanks!
0
Comment
Question by:ClassyLinks
  • 5
  • 3
9 Comments
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6896495
Define a variable in the Application_OnStart like this:

     Application.Contents("SecureURL") = "https://www.yoursite.com"

You can then call all of your pages like:

<a href="<% =Application("SecureURL") %>/pages/yourpage.asp">
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896545
Hi fritz.

So.....If I code all my links like that, it won't start a new session?

For example, if they are at http://mysite.com and they click a link to https://mysite.com a new session would start.  But if they were already at https://mysite.com and clicked on a linke for https://mysite.com/page2.asp a new session would not start??

Am I confusing myself??
0
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6896585
I am not sure that I follow. The idea is that there will be only one session per user if you do it this way. However, you'll still want to redirect your user if they don't land immediately on the secure site. You can use the server variables collection to verify that the first letters of the current URL are https, otherwise, redirect to "<% =Application("SecureURL") %>/pages/yourpage.asp"

Fritz the Blank
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896644
I think you just confirmed it.  Only one session per user.

GREAT!
0
 
LVL 5

Accepted Solution

by:
funke earned 400 total points
ID: 6896663
Use this logic

'SECURE PAGE SETTINGS
'----------------------------------------------------------------
If Request.ServerVariables("HTTPS") = "on" Then
   'DO NOTHING
Else
   Response.Redirect "https://" & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("PATH_INFO") & "?" & Request.ServerVariables("QUERY_STRING")
     
End If
'----------------------------------------------------------------
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896690
funke....can that go in the global.asa?
0
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6896761
ClassyLinks,

You might try putting Funke's code in an include file and place it at the top of each page.

Fritz the Blank
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896862
ok...getting closer......now how do I ditch that security error

"This page contains non-secure items"

Pop's up on every page.
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896892
AHA!  Figured it out.  Had to get rid of my Human Click button.

Works beautifully.

Points to funke on this one.

50pts to you Fritz for helping out!  Check the ta.

Thanks!
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
Loops Section Overview
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question