after reading your post,... it then dawned on me the ever-handy CGI.pm has the server_port() function that will do what I need :)
thx's again for the help, -- Mike<mickalo>Blezien =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Thunder Rain Internet Publishing Providing Internet Solutions that work! http://www.thunder-rain.com Quality Web Hosting http://www.justlightening.net MSN: [EMAIL PROTECTED] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Wiggins d Anconia wrote:
Hello,
we have an affiliate system where affiliates put links on their
websites, and we
need to make sure they are using the https:// protocol when the
customer clicks
on the link, IE:
https://www.ourdomain.com/cgi-bin/script.cgi?somequery_stringhere
is there an effective way to make sure, before the script process the
request,
that it can check that it was called via the https and not http
protocal ??
TIA ;)
To me the easiest way to handle this would be to configure a distinct cgi-bin for the port (presumably 443) that the secure scripts run under. At that point if they can be run, they must be on a secure channel. Barring the ability to do that, you should be able to check the port that the request was made on based on the environment setup by the web server assuming it matches your secure port, then the request was made properly.
I assume you are worried about the response information rather than the request, in the latter case there is little reason to check in a server side script whether the client has requested it over a secure channel, as the whole point of the security at that point is moot, I suppose in the latter case it would still make sense if you were pushing them secure information.
http://danconia.org
-- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
