> The nasty problem is that when I redirect a request for a page (e.g.
> index.html) that contains an <img src> tag in the form of:
>
> <img src = "http://server/logos.gif";>
>
> IE 6 continually complains that the page contains insecured items and
> refuses to display the yellow padlock. However, an examination of my rewrite
> logs indicates that the GET for the logos.gif is being redirected:
[snip]
>
> If I remove the <img src> tag from index.html, the complaints go away,
> index.html is accessed using https, and the padlock appears. So it would
> appear that there is an issue with the GET for the .gif
>
> Thinking that browser might be getting confused by two redirects in a row
> (the first for http://server/index.html, and the second for
> http://server/logos.gif) I have tried to GET the logos.gif directly via
> http://server/logos.gif. But again, even though the request is redirected to
> https://server/logos.gif, the same warning message pops up and IE refuses to
> display the padlock. But if I bypass mod_rewrite and GET the gif using the
> URL: https://server/logos.gif, IE does not complain.
>
> Finally, Mozilla does not complain at all!! Jeez! My inclination is to
> modify the <img src>s so that they all point to a relative path name instead
I cannot verify what I'm talking about, both because you have not
provided the URLs to test (than can be solved by local testest, but no
time at the moment) and because I do not use any for of windoze, I'm
just wild gessing IE's reasonig. In a wild gess, IE is right (I hate to
say so :), though you are redirecting the request, the source for the
page it is presenting has unsecure elements, the parser does not know in
advance that the objects it will have to present to the user (your
images with absolute references), are really server by secure means, it
is asked to retrieve unsecured URLs (src=http:), though the page
contains mixed elements. This is another example why absolute URLs shall
be avoided when asking for contents from the same server :)
-- --------------------------------------------------------------------------- G & S Sistemas de Informacion, S.L. | Teléfono: 9 02 01 44 43 Victoriano Giralt | Land line: +34-952-207-741 Torre de San Telmo, 8 | Mobile: +34-670-332-720 E-29018 Malaga (Spain) | http://www.gssi.es/ ---------------------------------------------------------------------------
______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
![http://server/logos.gif"](http://server/logos.gif"){kind=link}
