Solved

https and a security alert

Posted on 2006-11-28
11
329 Views
Last Modified: 2012-06-27
Hi there,
I have a page that is sitting in a secure folder where the user is supose to enter personal information, the main idea of the page is to validate the user date of birth to see if can continue with the application. I have somewhere on my form the following else statament:
 Else
                    Call Response.Redirect("http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf")
               End If
of course it has and if but is to long so i don't want to fill this question with unnecesarry stuff ;-)

now on that part of the esle is there a way to change the Security alert that is generete due the change of locations?
right now if the user is not over 18 yeras of age it gets directed to that pdf to print it out and fill it up and submitt it instead of doing it online.
if there is a way! can we replace that alert message for something like you will be redirected to the PDF file becasue you are not over 18 or something like that?
i tihink it has to be inside that else statement
can anyone help me?

Thanks
JSCTECHY
0
Comment
Question by:jsctechy
  • 5
  • 4
  • 2
11 Comments
 
LVL 13

Expert Comment

by:bigbillydotcom
Comment Utility
is this script inline in the page??
if so, you could break out of script and give them a link to click, something like this

...
else
%>
You are not old enough - please click link below to open a form to download and mail to us  - Thanks Kid!
<a hef="http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf">Click Here </a>
<%
 End If
.....resume script
0
 
LVL 1

Author Comment

by:jsctechy
Comment Utility
thats a good approach but i want soemthing else right now whenever the submit button is clicked i have a security warning and instead of having that i want to change for a message like the one you have
0
 
LVL 13

Expert Comment

by:bigbillydotcom
Comment Utility
OH - OK
if I understand it correctly, the reason you are getting the security warning is because you are irecting to a folder/document that is not under SSL - right?
Then why not redirect to a page that is under SSL that then has a link as inidicated above

I have also used javascript on a page to redirect to another non-SSL page, but the page you redirect to initially
(the page in the call response.redirect bit) has to be under SSL or will always get this warning

in a nutshell:

SSLpage1.asp (the SSL protected page they are on with the submit button)
on SSLPage1.asp
**********
else
     Call Response.Redirect("SSLTooYoungRedirPage.htm")
end if

SSLTooYoungRedirPage.htm ( the SSL protected page they get redirected to in the "else" bit)

code for SSLTooYoungRedirPage.htm - create new htm page and place this script under body tag
******************************
<script language=javascript>
     window.navigate("http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf");
</script>

should redirect without popping up security warning
0
 
LVL 1

Author Comment

by:jsctechy
Comment Utility
so i have to write just this on my else statemnet just to avoid the alert right?

<script language=javascript>
     window.navigate("http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf");
</script>

and how about the message i want to display?
0
 
LVL 13

Expert Comment

by:bigbillydotcom
Comment Utility
sorry
no

if you want to display the message - create a page with the message and redirect to that page

**********
else
     Call Response.Redirect("SSLTooYoungErrorPage.htm")
end if

then on that page have the message and the link for the pdf file (NEW ANCHOR SCRIPT BELOW - WILL OPEN PDF IN A NEW WINDOW)
*****************************
You are not old enough - please click link below to open a form to download and mail to us  - Thanks Kid!
<a target="_blank" hef="http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf">Click Here </a>

I dont think you will get securtiy warning when you popup the pdf using the link - only when you try and do a response.redirect on the server
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 1

Author Comment

by:jsctechy
Comment Utility
i don't want to redirect the user to another page all i wants is to have a message displaying the rerason why he/she is redirect to that other page or form thats all.

0
 
LVL 13

Expert Comment

by:bigbillydotcom
Comment Utility
oh ok
sorry - instead of redirecting - just write out to the browser

**********
else
     Response.write("You are not old enough - please click link below to open a form to download and mail to us  - Thanks Kid!")
     Response.write("<br>")
     Response.write ("<a target="_blank" hef="http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf">Click Here </a>")
end if
0
 
LVL 13

Expert Comment

by:bigbillydotcom
Comment Utility
oops
forgot to clean out the dbl quotes in the a href
**********
else
     Response.write("You are not old enough - please click link below to open a form to download and mail to us  - Thanks Kid!")
     Response.write("<br>")
     Response.write ("<a target='_blank' hef='http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf'>Click Here </a>")
end if
0
 
LVL 58

Accepted Solution

by:
amit_g earned 500 total points
Comment Utility
Change

Call Response.Redirect("http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf")

to

Call Response.Write("<script>")
Call Response.Write("alert('You are too young');")
Call Response.Write("location.href = 'http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf'")
Call Response.Write("</script>")

The warning message you get now is because http getting redirected to https. You can't change that message. You can remove that message if you host the page in the same place where you have your application i.e. in https.
0
 
LVL 1

Author Comment

by:jsctechy
Comment Utility
amit_g

ok that works exactly the way i want it but i have a question if i create a forlder inside the https folder and now the path change how can i change that line in other to pull the pdf direct from the folder?

>>Call Response.Write("location.href = 'http://www.somewhere.com/volunteer/pdf/VolunteerApplication.pdf'")

instead of having that here is folder that holds the pdf now pdf\VolunteerApplication.pdf

should i just write it like this
Call Response.Write("location.href = 'pdf/VolunteerApplication.pdf'")
?????????
0
 
LVL 58

Expert Comment

by:amit_g
Comment Utility
Yes that would work as long as the pdf folder is within the same fodler where your asp is.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now