Secure Socket Layer is very important and useful for any web application but it brings some problems too with itself. Handling navigation between secure and non-secure pages is one of the cumbersome jobs.
When a non-secure page references a secure page with relative URL, the web server generates error until absolute URL with https prefix is used. On the other hand when a secure page references a non-secure page, the non-secure page will be handled via secure channel. This does not cause any error but results slower service consuming more resource.
The solution is using absolute URLs whenever a secure/non-secure page link is needed. This is inconvenient. This prevents a developer to test the application on non-secure server. And the condition becomes worse when secure pages and secure/non-secure page links are not finalized or no. of secure pages deviates after the development.
The solution developed by me is a tool in the form of a DLL. This automatically detects secure and non-secure page requests and whenever the http request type differs from the type of the page, it responds to the client browser with the proper protocol (http or https). Using this tool we can handle the thing from the out side of the application without touching the code (except some configuration entries in Web.Config file).
You can contact me at amitvps.shri@gm ail.com
regards
Amit Shrivastava
Bhopal, India
When a non-secure page references a secure page with relative URL, the web server generates error until absolute URL with https prefix is used. On the other hand when a secure page references a non-secure page, the non-secure page will be handled via secure channel. This does not cause any error but results slower service consuming more resource.
The solution is using absolute URLs whenever a secure/non-secure page link is needed. This is inconvenient. This prevents a developer to test the application on non-secure server. And the condition becomes worse when secure pages and secure/non-secure page links are not finalized or no. of secure pages deviates after the development.
The solution developed by me is a tool in the form of a DLL. This automatically detects secure and non-secure page requests and whenever the http request type differs from the type of the page, it responds to the client browser with the proper protocol (http or https). Using this tool we can handle the thing from the out side of the application without touching the code (except some configuration entries in Web.Config file).
You can contact me at amitvps.shri@gm ail.com
regards
Amit Shrivastava
Bhopal, India