+- The Un-Official Proxomitron Forum (https://www.prxbx.com/forums)
+-- Forum: Proxomitron Config Sets (/forumdisplay.php?fid=43)
+--- Forum: Sidki (/forumdisplay.php?fid=44)
+---- Forum: Bug Reports (/forumdisplay.php?fid=47)
+---- Thread: half-ssl 302 redirect... (/showthread.php?tid=1701)
half-ssl 302 redirect... - ProxRocks - Nov. 24, 2010 09:58 AM
i've bumped into a half-ssl situation where the logout process lands on a 302 that redirects itself to a NON-half-ssl site...
here's the (modified) code for that landed-on 302...
Code:
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.insurance.com/WebMdLogOut/logout.html">here</a>.
</p>
</body></html>in my half-ssl session, i click the site's (original) logout "button", the process lands on this 302, and it "jumps me out of" half-ssl (and the insuing nag screen when the browser hits an http s :// and thus the very reason i half-ssl to begin with, to avoid them d@&n nags, lol)...
i've fixed "my" problem by writing a filter that replaces the "original" logout 'button' with a half-ssl link that points to where the 302 was non-halving to...
but the question herein is this, "should we rewrite the half-ssl filters so that they "catch" 302 redirects?" (or do they already and my above scenario is a "one-off" rarity?)
RE: half-ssl 302 redirect... - whenever - Nov. 24, 2010 02:58 PM
(Nov. 24, 2010 09:58 AM)ProxRocks Wrote: but the question herein is this, "should we rewrite the half-ssl filters so that they "catch" 302 redirects?" (or do they already and my above scenario is a "one-off" rarity?)
The filter is already there, see Location: 4 Half-SSL 06.11.02 (cch!) [jjoe] (d.2) (In).
I don't know why it doesn't work. It would help if you could post the http headers log.
RE: half-ssl 302 redirect... - ProxRocks - Nov. 24, 2010 03:22 PM
i'll keep my eye open if i see any more of these...
gonna write it off as a "one-off" unless i can find more...
the header logs look like they are "supposed to", but yet i'm getting a browser "ssl nag screen", so who knows...