Solved

Secure https and servlets

Posted on 2002-06-25
5
292 Views
Last Modified: 2012-05-04
I have a servlet that will be called via https.  I put the base url on the image src so
<img src="http://www.xx.com/info/images/test.gif" ..>

My question is if this is an https ( secure ) site does that mean i have to use https
<img src="https://www.xx.com/info/images/test.gif" ..>
to downloand the images, etc.?

THanks


0
Comment
Question by:borg48
5 Comments
 
LVL 92

Expert Comment

by:objects
ID: 7106862
Only if you want https to be used to download the images.
0
 
LVL 1

Expert Comment

by:mraible
ID: 7107874
As objects said, no it is not necessary - your best bet is to use a relative path, i.e. /info/images/test.gif rather than an absolute path with the http:// - this will allow the image to use the same protocol as you're using to access the servet.

If you code your servlet with https:// and your image with https://, your users might get warnings that all elements on the page might not be secure - and this looks bad.

HTH,

Matt
0
 

Author Comment

by:borg48
ID: 7108101
The problem I have is that when I get a servlet and a path for example is htdocs/images/rl/logo.gif

when its a servlet i spit out the page and the img src is src="images/rl/logo.gif" it doesnt seem to find it.
0
 
LVL 1

Accepted Solution

by:
mraible earned 50 total points
ID: 7108121
What is the path you are using to get to your servlet?

If you have it mapped in a web.xml you can use something like the following:

request.getServletContext() + "images/...

0
 
LVL 19

Expert Comment

by:cheekycj
ID: 7108124
mraible is right.

What I usually do is have a global constants that store the full path to the images both secure and non-secure.  If I know a page is always accessed using SSL I use the SSL image path otherwise the non-ssl image path.

Another solution (not a good one) is to always have the images served up over SSL even on non-ssl pages.  This way the users will not see the non-secure warnings on any page.

CJ

0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
getting Http 404 error in jsp forms 8 81
AlarmClock Challenge 35 155
Limiting the number of characters a user can type in a text field 6 61
How can I   ajax html table  rows? 20 78
This article describes how to reset your Windows 10 password when you've forgotten it.
When it comes to protecting Oracle Database servers and systems, there are a ton of myths out there. Here are the most common.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question