louise_8
asked on
Response.redirect from https to http without getting a you are about to leave a secure site message
Hi
Im currently developing 2 pages on a secure https site. When these pages finish processing I need to redirect to a non secure http page.
The problem is page1 calls page 2 (both https pages), page 2 does some processing then redirects to page 3 ( a http) page.
When the form on page 1 is submitting because its being redirected to page 3 a http page, Im getting the error- you are about to be directed to a non secure site do you want to continue.
Any ideas to get around this?
Cheers
Louise
Im currently developing 2 pages on a secure https site. When these pages finish processing I need to redirect to a non secure http page.
The problem is page1 calls page 2 (both https pages), page 2 does some processing then redirects to page 3 ( a http) page.
When the form on page 1 is submitting because its being redirected to page 3 a http page, Im getting the error- you are about to be directed to a non secure site do you want to continue.
Any ideas to get around this?
Cheers
Louise
ASKER
Thanks for your suggestion.
Unfortunately Im working on behalf of a client who posts us data from their http site, we process via https and they need the info to go back to their http site :(
Unfortunately Im working on behalf of a client who posts us data from their http site, we process via https and they need the info to go back to their http site :(
It just occurred to me - I have a page that does just what you're saying.
A client with no scripting or db support, so a form on their site submits to secure script on my site, processes the form, logs the action, and redirects to various pages back at the client site. http to https to http, and I've never had a message about leaving the secure site.
I'll test this and get back to you.
A client with no scripting or db support, so a form on their site submits to secure script on my site, processes the form, logs the action, and redirects to various pages back at the client site. http to https to http, and I've never had a message about leaving the secure site.
I'll test this and get back to you.
Okay, I don't think you can do this.
IF a user does not tick the checkbox that says "In the future do not show this warning" then they WILL get an alert warning message every time they enter or leave a secure site. There's no way around that that I know of.
IF a user does not tick the checkbox that says "In the future do not show this warning" then they WILL get an alert warning message every time they enter or leave a secure site. There's no way around that that I know of.
Is using an xml post an option?
I'm not an expert on that, but it might be worth googling, or asking a question in the xmlsection, as to whether your process could be done using xml and if so can it be transparent to the user
I'm not an expert on that, but it might be worth googling, or asking a question in the xmlsection, as to whether your process could be done using xml and if so can it be transparent to the user
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
thanks Amit.
so an XML post is no different in this respect to an html post?
so an XML post is no different in this respect to an html post?
XMP post might only help if the third page is not to be shown to the user. Even in that case we might see the warning as again for anything unsecure within the secured page, the browser is supposed to show that warning if the user hasn't instructed it to not show that warning.
ASKER
Thanks, Ill look up XMP and see if that helps
appreciate your comments guys
appreciate your comments guys
ASKER
XMP doesnt help me :(
Thanks again for your comments
Thanks again for your comments
sorry I couldn't help ...
As I said earlier, this is client browser setting and it can't be controlled from server using any language.
my 2 cents worth, either refund points or give them to Amitg. He didn't give you the answer you were looking for, but he was right when he said it couldn't be done, and said why.
I agree. The answer to this question is that it can't be done and that should be selected as an Accepted answer here. This is also a valid PAQable question as per http:help.jsp#hi54 and http:help.jsp#hi89 . If the questioner has problem with awarding points, I am ok with PAQ/Refund.
I'd suggest that if page3 could remain https, then the user ends up on a secure site - so when they move on from that page they can see what's happening.
A typical use might be sales site - the thank you & receipt page should remain https, so they don't get that warning message while the sale is ongoing, only after it's obviously completed.
Does that help in your case?