I use <cfif NOT CGI.SERVER_PORT_SECURE> with cflocation (ala ColdFusion <http://www.coldfusioncookbook.com/entry/45/How-do-you-force-an-application- to-use-SSL> Cookbook) and have had no issues with the redirect.
All the cflocation does is send an error code and url to the browser; then browser is then responsible for loading the new URL. You can test this by opening a command prompt, telnet-ing to the web server on port 80, and sending a GET command. Since telnet won't actually redirect you (that is the browser client's responsibility, remember), you should be able to see the raw response from the server. Start -> Run -> "cmd" "telnet www.myserver.com 80" "GET /path/to/redirect.cfm HTTP/1.0" <enter> <enter> And voila, you should see the raw response from the server. I'd be interested in seeing the result! Take Care, Seth From: [email protected] [mailto:[email protected]] On Behalf Of Aaron Rouse Sent: Wednesday, July 15, 2009 8:22 PM To: [email protected] Subject: [houcfug] Re: https The cflocation should work, I actually do the exact thing you described in your original post except I use the CGI variable I suggested, which should make no difference. I have seen what you are describing before but it is when the IP address IIS has for HTTPS is for a domain and/or IP address that does not match the domain being used by the application. On Wed, Jul 15, 2009 at 4:53 PM, Mark Davis <[email protected]> wrote: Thanks Aaron. any one of several cgi vars would do the trick, but thats not the issue. Its the cflocation that it seems to puke on. I will check more on IIS Mark Davis | Developer ............................................................................ ............................................. Round Table Group, Inc. (281) 717-4575 [email protected] www.roundtablegroup.com ............................................................................ ............................................. https://www.roundtablegroup.com/secure/staff/emailSignature/RTG_logo.bmp The Leading Authority in Expert Witness Search & ReferralTM CONFIDENTIALITY NOTE: This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named in the message originated by me and may contain legally privileged and/or confidential information. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this email in error, please notify me immediately by telephone and permanently delete the original and any copy of the email, and any printout thereof. Thank you. _____ From: [email protected] [mailto:[email protected]] On Behalf Of Aaron Rouse Sent: Wednesday, July 15, 2009 4:32 PM To: [email protected] Subject: [houcfug] Re: https What about CGI.HTTPS it will be "on" or "off" I do believe you can enforce https based on directories with IIS as well but do not have an IIS Admin screen handy to go and look at where you do it. On Wed, Jul 15, 2009 at 3:55 PM, Mark Davis <[email protected]> wrote: hey guys, anyone have a good method of forcing https for requests to a specific application and forcing http for others? Our site has numerous applications (defined as having their own application.cfc or cfm.) and as the user navigates from some sections to others, I want to redirect between https and http. I was trying something as simple as adding this in the application.cfm... <cfif cgi.SERVER_PORT eq 80> doing a cflocation to the same url and query string they had but with https </cfif> but I generally get browser errors "IE cannot display thge webpage." Can IIS do redirect like this on different directores? or something else? Mark Davis | Developer ............................................................................ ............................................. Round Table Group, Inc. (281) 717-4575 [email protected] www.roundtablegroup.com ............................................................................ ............................................. https://www.roundtablegroup.com/secure/staff/emailSignature/RTG_logo.bmp The Leading Authority in Expert Witness Search & ReferralTM CONFIDENTIALITY NOTE: This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named in the message originated by me and may contain legally privileged and/or confidential information. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this email in error, please notify me immediately by telephone and permanently delete the original and any copy of the email, and any printout thereof. Thank you. -- Aaron Rouse http://www.happyhacker.com/ -- Aaron Rouse http://www.happyhacker.com/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Houston ColdFusion Users' Group" discussion list. To unsubscribe, send email to [email protected] For more options, visit http://groups.google.com/group/houcfug?hl=en -~----------~----~----~----~------~----~------~--~---
<<inline: image001.gif>>
