simontst wrote:
> The nasty problem is that when I redirect a request for a page (e.g.
> index.html) that contains an tag in the form of:
>
> http://server/logos.gif";>
>
> IE 6 continually complains that the page contains insecured items and
> refuses to display the yellow padlock. However, an examination of my
rewrite
> logs indicates that the GET for the logos.gif is being redirected:
[snip]
>
> If I remove the tag from index.html, the complaints go away,
> index.html is accessed using https, and the padlock appears. So it would
> appear that there is an issue with the GET for the .gif
>
> Thinking that browser might be getting confused by two redirects in a row
> (the first for http://server/index.html, and the second for
> http://server/logos.gif) I have tried to GET the logos.gif directly via
> http://server/logos.gif. But again, even though the request is
redirected to
> https://server/logos.gif, the same warning message pops up and IE
refuses to
> display the padlock. But if I bypass mod_rewrite and GET the gif
using the
> URL: https://server/logos.gif, IE does not complain.
>
> Finally, Mozilla does not complain at all!! Jeez! My inclination is to
> modify the s so that they all point to a relative path name
instead
I cannot verify what I'm talking about, both because you have not
provided the URLs to test (than can be solved by local testest, but no
time at the moment) and because I do not use any for of windoze, I'm
just wild gessing IE's reasonig. In a wild gess, IE is right (I hate to
say so :), though you are redirecting the request, the source for the
page it is presenting has unsecure elements, the parser does not know in
advance that the objects it will have to present to the user (your
images with absolute references), are really server by secure means, it
is asked to retrieve unsecured URLs (src=http:), though the page
contains mixed elements. This is another example why absolute URLs shall
be avoided when asking for contents from the same server :)
--
---
G & S Sistemas de Informacion, S.L. | Teléfono: 9 02 01 44 43
Victoriano Giralt| Land line: +34-952-207-741
Torre de San Telmo, 8| Mobile:+34-670-332-720
E-29018 Malaga (Spain) | http://www.gssi.es/
---
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]