Forum OpenACS Development: Solving security messages on IE when users login to a site with ssl

There is an annoying security message that pops up for Internet Explorer users when they log in to an OpenACS site where the login form is protected by SSL encryption.

I think Dave Bauer found a way to fix this by using util_ReturnMetaRefresh so that after the user is logged in, they go to a blank page which refreshes to the portal page (/dotlrn).

One problem is that the meta refresh takes a while to kick in so I added javascript code that does the refresh.

window.location.href = "$url"

This minor modification will make the browser redirect quicker and the meta refresh will be fall back for browsers that don't support any javascript.

What does everyone think ?

We are using this in production. It seems to be working fine. If the redirect target loads quickly you never even see the "You are being redirected..." message at all.