Hi,
I am running apache2, mod_ssl, on freebsd4.9 and I am using the mod_rewrite
engine to redirect requests for http -> https.
I have this working using:
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [R,L]
The nasty problem is that when I redirect a request for a page (e.g.
index.html) that contains an <img src> tag in the form of:
<img src = "http://server/logos.gif";>
IE 6 continually complains that the page contains insecured items and
refuses to display the yellow padlock. However, an examination of my rewrite
logs indicates that the GET for the logos.gif is being redirected:
IPADDR - - [06/Apr/2004:15:26:05 --0400] init rewrite engine with requested
uri /logos.gif
IPADDR- - [06/Apr/2004:15:26:05 --0400] applying pattern '^/(.*)' to uri
'/logos.gif'
IPADDR - - [06/Apr/2004:15:26:05 --0400] RewriteCond: input=''
pattern='!=on' => matched
IPADDR - - [06/Apr/2004:15:26:05 --0400] rewrite /logos.gif ->
https://SERVER/logos.gif
IPADDR - - [06/Apr/2004:15:26:05 --0400] implicitly forcing redirect
(rc=302) with https://SERVER/logos.gif
IPADDR- - [06/Apr/2004:15:26:05 --0400] escaping https://SERVER/logos.gif
for redirect
IPADDR - - [06/Apr/2004:15:26:05 --0400] redirect to
https://SERVER/logos.gif [REDIRECT/302]
If I remove the <img src> tag from index.html, the complaints go away,
index.html is accessed using https, and the padlock appears. So it would
appear that there is an issue with the GET for the .gif
Thinking that browser might be getting confused by two redirects in a row
(the first for http://server/index.html, and the second for
http://server/logos.gif) I have tried to GET the logos.gif directly via
http://server/logos.gif. But again, even though the request is redirected to
https://server/logos.gif, the same warning message pops up and IE refuses to
display the padlock. But if I bypass mod_rewrite and GET the gif using the
URL: https://server/logos.gif, IE does not complain.
Finally, Mozilla does not complain at all!! Jeez! My inclination is to
modify the <img src>s so that they all point to a relative path name instead
of a URL but I inherited the code and this would prove onerous. Moreover, it
does not seem reasonable to me that my redirects should cause IE6 such
problems.
If anyone has some ideas on this I would be extremely grateful. I am doing
something totally stupid here?
Thanks
Aproto Simaki
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
![http://server/logos.gif"](http://server/logos.gif"){kind=link}
