Zopistas, I'm trying to get all the manage pages to be secure through Roxen. I have implemented a rewrite rule ( ^/(.*)manage(.*) https://foo.net/$1manage$2 ) that will, for example, secure */manage_main. However, all the links are http:// instead of https://, so with one click you're insecure again. It would seem that something like the Access Rule + Site Root would be appropriate. Indeed, if I use a Access Rule with a base of https://foo.net, the manage pages do indeed work securely. However, then *everything* including the public pages are rendered securely, which is overhead I'd rather avoid. Basically, I need to alter generated url's based on a regexp, not a prefix. Alternatively, I need to alter all the management code so it generates https:// links instead of http:// links. (and whatever method I use has to work for many SiteRoots, i.e. many virtual hosts) I've been poking around in both SiteAccess and lib/python/App/Management to see what I could modify, but have thus far come up dry. If someone could point me to where/what I should be doing, it would be much appreciated. Thanks, Ethan Fremen http://mindlace.net
----- Original Message ----- From: ethan mindlace fremen <mindlace@imeme.net>
I'm trying to get all the manage pages to be secure through Roxen. I have implemented a rewrite rule ( ^/(.*)manage(.*) https://foo.net/$1manage$2 ) that will, for example, secure */manage_main. However, all the links are http:// instead of https://, so with one click you're insecure again.
It would seem that something like the Access Rule + Site Root would be appropriate. Indeed, if I use a Access Rule with a base of https://foo.net, the manage pages do indeed work securely. However, then *everything* including the public pages are rendered securely, which is overhead I'd rather avoid.
I'm assuming that you meant a SiteRoot , not an Access Rule. If that works pretty much the way you wanted, you should be able to get the rest by making the Base dynamic. Just leave the Base blank on your SiteRoots, and have the rewrite rule add environment variable SiteRootBASE=https://foo.net when it rewrites a .*manage.* URL. Cheers, Evan @ 4-am & digicool
From: ethan mindlace fremen <mindlace@imeme.net>
I'm trying to get all the manage pages to be secure
the following in an Access Rule should do the trick regardless of other virtualhosting: extract the base name requested: <dtml-let basename="_.string.join(_.string.split(HTTP_HOST, ':')[-2:])"> look for manage, then munge the result to be 0 if not found: <dtml-if "1+(_.string.find(PATH_INFO, 'manage'))"> Make secure base: <dtml-call "REQUEST.set('SiteRootBASE','https://'+basename)"> <dtml-else> Leave it insecure: <dtml-call "REQUEST.set('SiteRootBASE','http://'+basename)"> </dtml-if> </dtml-let> It still behaves kinda funny if you ask for manage without specifying https:// from the beginning, but I think you could get around this with a rewrite rule in Your Favorite Web Server. Ethan Fremen http://imeme.net
participants (2)
-
ethan mindlace fremen -
Evan Simpson