Forum OpenACS Q&A: Re: Subsite Registration Redirecting to https://mainsite.com/register/

Collapse
4: Re: Subsite Registration Redirecting to https://mainsite.com/register/ (response to 1)
Posted by Michael Steigman on 12/09/04 12:09 AM
Thanks for sharing this, James. I have a similar situation (not using pound, though) and the modification to get_secure_location helped. Have you given any consideration as to whether your change or some variation could make it into the toolkit so sites don't have to modify core code to support this use case? Also, I'm curious if you been able to restrict the entire host-node mapped subsite to SSL. I haven't had any luck doing that to this point. I've tried several syntax variations in the subsite's RestrictToSSL parameter to no avail.
Collapse
5: Re: Re: Subsite Registration Redirecting to https://mainsite.com/register/ (response to 4)
Posted by James Thornton on 12/09/04 12:32 AM
Michael, what method are you using since you aren't using Pound? -- are you using another external proxy? It wouldn't be hard to add this to the toolkit so that you could enable it via a package param, and it would be proxy-independent, as long as you can configure the proxy to pass in a custom header for secure connections -- all we would need is a standard header and value, such as X-SSL-Request: 1. I have not tried to restrict the entire host-node-mapped subsite to SSL so I have not seen that problem.