how to change url from http to https without loosing the session
i have a web application that is is not secured but when the user get to the credit card form page i need to secure it (http to https) when i redirect the link starting https://------- the session get lost
how can i change the url from http to https without redirection
how can i change the url from http to https without redirection
Can you tell us which language your application is written in? PHP? ASP.NET?
The session should not get lost when changing to https unless the secure site is not the same web server. Can you give us some more information about how the session is being lost?
You cannot use javascript to simply change the address bar - even if ou could it would have no effect until the page re-loaded using SSL.
You cannot use javascript to simply change the address bar - even if ou could it would have no effect until the page re-loaded using SSL.
ASKER
i'm using visual basic 6.0 web application
This is an issue I have seen in many web server when transferring between domains.
Solution I used in a situation like this is to serialize the data in session of first domain to a parameter on query string and pass it over to next domain. On the second domain I deserialize the query string and populate the session.
I have used this method in PHP and ASP.
One glitch I faced and still haven’t found a solution is that when I want to destroy a session I could only destroy the session which the user is currently in.
Solution I used in a situation like this is to serialize the data in session of first domain to a parameter on query string and pass it over to next domain. On the second domain I deserialize the query string and populate the session.
I have used this method in PHP and ASP.
One glitch I faced and still haven’t found a solution is that when I want to destroy a session I could only destroy the session which the user is currently in.
ASKER
in my web application if i want to submit a form action="http://tfitours.com/mars.asp?wci=Start&wce=logon&"
sometimes i loose the session depending on the apartment thread that it uses
but if i use action="mars.asp?wci=Start
now if i want to change http to https , what can i do? sometime it works sometimes i loose the session
the way that i know is by redirecting the whole url using https instead of http , which isn't good
can anybody tell me an alternative
sometimes i loose the session depending on the apartment thread that it uses
but if i use action="mars.asp?wci=Start
now if i want to change http to https , what can i do? sometime it works sometimes i loose the session
the way that i know is by redirecting the whole url using https instead of http , which isn't good
can anybody tell me an alternative
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
my links are usually <a href="app.asp?wci=start&wc
if i use <a href="https://www.tfitours.com/app.asp?wci=start&wce=process&">process</a>
the user may loose the session.
how can i create a link on a page that link to the secure version of the site "https instead of http"
without loosing the session.
ASKER