cfdiv bind and https

How do I make my cfdiv bind url into https, I want to secure the following URL.

<cfdiv bind="url:OnlineTransactionPayment.cfm?userid={userid@none}&processstep={processstep@none}&btnSearch={btnSearch@click}&tranno={tranno@none}&totalcost={totalcost@none}&itemcount={itemcount@none}&shNewsType=#shNewsType#&pubdate=#pubdate#&selOption=#selOption#}" ID="payonlineform" name="payonlineform" bindonload="false" />
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.


I believe you need to make the page itself an https page, the bind is simply asynchronous calls under within that request, so I suspect it would follow the page security
smares32371Author Commented:

Is there any way to make this javascript string function to change to to https when clicked.

<a href="javascript:loadContent('payemnt.cfm','payonline','#pubdate#','mainContent1','payonline',-1);" class="spReport">Online Payment</a>

The contents you are loading will not be considered secure because the page itself is not secure.   I think you need to reload the page to https first before executing any ajax.    To be safe, you should probably load the page via https the first time and every time just in case the secure connection is needed.

To my understanding, it won't work the way you are trying to do it

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

Brijesh ChauhanStaff IT EngineerCommented:
I agree with gd, the HTTPS protocol encrypts your data when you are sending it over internet, say you are posting Credit Card information from a form on your server to the Payment gateway (Paypal for example), so HTTPS makes sure that the connection is secured and the data is encrypted before it's send from your network to paypal's, this way it cannot be hacked.

If you are on the same server, then you don't need it...
> If you are on the same server, then you don't need it...

Brijesh, this is not true ...

The SSL encryption protects between the CLIENT and the SERVER.  

HTTPS on the browser is not used between the server's Network and 3rd Party (such as payPal), it protects the credit card informaton from the user's PC to the Web Server.  

Brijesh ChauhanStaff IT EngineerCommented:
Yes, that is correct, anywhere sensitive data is submited over internet, you need HTTPS, from your pc to web-server, then from web-server to 3rd party, you still have to post info to paypal etc...

Your forms where you collect the information, for example payment info, is HTTPS, which secures the entire flow. So as you suggested the user should have the entire flow as https.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ColdFusion Language

From novice to tech pro — start learning today.