| Author |
 Topic  |
|
|
SANSOTGROUP
Starting Member
8 Posts |
 Posted - May 22 2008 : 08:09:36
|
When a customer checksout of my website, it transfers them to the secure section (https://). Once the transaction is completed, the customer remains on that secured section. Is there a way, without actually hardcoding the http links, to switch the customer to the regular site http://?
Thanks, |
|
|
kaudio
Starting Member
13 Posts |
Posted - May 22 2008 : 10:27:21
|
You can make that change but it will take some modification. The easiest way to do this is have a different header.htm page for the majority of the site and one just for the checkout page or where ever you want the https to be. At the top of the page put
<%
Response.Buffer = True
If (Request.ServerVariables("HTTPS") = "on") Then
Dim xredir__, xqstr__
xredir__ = "http://" & Request.ServerVariables("SERVER_NAME") & _
Request.ServerVariables("SCRIPT_NAME")
xqstr__ = Request.ServerVariables("QUERY_STRING")
if xqstr__ <> "" Then xredir__ = xredir__ & "?" & xqstr__
Response.redirect xredir__
End if
%>
This above will force the page to remove the https to http, you can modify as well to force http to https. Hope this helps |
 |
|
|
devshb
Senior Member
United Kingdom
1904 Posts |
|
|
saki
VP-CART New User
82 Posts |
Posted - May 22 2008 : 13:35:54
|
| We use a login name and password because we do secure downloads. I noticed that while I can force the Custome Information page to be https// to encrypt the login info The MyAccount login is still HTTP and therefore the login info there is un encrypted. Does you utility, Simon, take care of this and still return the rst of the pages to HTTP after myAccount login? |
|
|
|
devshb
Senior Member
United Kingdom
1904 Posts |
Posted - May 23 2008 : 02:16:05
|
yes; our addon will cater for that; the full list of "my" pages are included by default in the ssl config list of pages, they'll be forced onto ssl regardless of which page they link to when they jump to a my-account kind of page; that includes things like the downloads and the orders etc; you can then add/remove any pages if you want to swap them off/on ssl.
If a page isn't in the "ssl page list" config option of the addon then it'll force them off ssl when on that page, and if a page is in the "ssl page list" then it'll force them onto ssl when on that page.
However, there are also extra config options where you can override that logic if you want to as the merchant, so you can, if you want, force people onto ssl but not off it, or vice-versa, or not take account of the ssl list at all.
In addition to the ssl aspect (which is optional; you don't need to use that bit), you can also force people onto a specific domain/subdomain (eg to get around the "www" or no "www" url problem or mirrors/aliases etc)
The ssl and the force-domain/subdomain aspects are all configurable/optional, so you can set things up however you want.
Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons |
Edited by - devshb on May 23 2008 03:38:44 |
|
|
| |
Topic |
|
All Forums
Switch from https to http
New Topic
Printer Friendly
TrustGuard - PCI Security Scanner
