Solved

redirect to https with in global.asa??

Posted on 2002-03-26
9
1,344 Views
Last Modified: 2008-03-03
Hi all.

Is it possible within my global.asa to specify that if my visitors are not on my https that they get shunted to it?

For example, if someone types in to their browser (or gets sent by a search engine) to mydomain.com, how can I redirect them to https://www.mydomain.com?

I'm NOT looking to put a response.redirect on each page, please.

Thanks!
0
Comment
Question by:ClassyLinks
  • 5
  • 3
9 Comments
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6896495
Define a variable in the Application_OnStart like this:

     Application.Contents("SecureURL") = "https://www.yoursite.com"

You can then call all of your pages like:

<a href="<% =Application("SecureURL") %>/pages/yourpage.asp">
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896545
Hi fritz.

So.....If I code all my links like that, it won't start a new session?

For example, if they are at http://mysite.com and they click a link to https://mysite.com a new session would start.  But if they were already at https://mysite.com and clicked on a linke for https://mysite.com/page2.asp a new session would not start??

Am I confusing myself??
0
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6896585
I am not sure that I follow. The idea is that there will be only one session per user if you do it this way. However, you'll still want to redirect your user if they don't land immediately on the secure site. You can use the server variables collection to verify that the first letters of the current URL are https, otherwise, redirect to "<% =Application("SecureURL") %>/pages/yourpage.asp"

Fritz the Blank
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896644
I think you just confirmed it.  Only one session per user.

GREAT!
0
 
LVL 5

Accepted Solution

by:
funke earned 100 total points
ID: 6896663
Use this logic

'SECURE PAGE SETTINGS
'----------------------------------------------------------------
If Request.ServerVariables("HTTPS") = "on" Then
   'DO NOTHING
Else
   Response.Redirect "https://" & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("PATH_INFO") & "?" & Request.ServerVariables("QUERY_STRING")
     
End If
'----------------------------------------------------------------
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896690
funke....can that go in the global.asa?
0
 
LVL 46

Expert Comment

by:fritz_the_blank
ID: 6896761
ClassyLinks,

You might try putting Funke's code in an include file and place it at the top of each page.

Fritz the Blank
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896862
ok...getting closer......now how do I ditch that security error

"This page contains non-secure items"

Pop's up on every page.
0
 
LVL 7

Author Comment

by:ClassyLinks
ID: 6896892
AHA!  Figured it out.  Had to get rid of my Human Click button.

Works beautifully.

Points to funke on this one.

50pts to you Fritz for helping out!  Check the ta.

Thanks!
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
This demonstration started out as a follow up to some recently posted questions on the subject of logging in: http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_28634665.html and http://www.experts-exchange.com/Programming/…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question