2/19 I have two CGI scripts on my Apache-hosted site which I want
to be accessed only through https. I also use relative url's
throughout all my pages and would like to keep it this way. As
far as I can tell, the only way to link to a page over https
is with a fully-qualified URL. My scheme: create some Rewrite
Rules so that if any url ends with, for ex, "-secure", rewrite
that to https, and then add a SSLRequireSSL directive so a
clever user will be thwarted if they try to access the page w/out
the "-secure". Does anyone see anything wrong with this solution?
Is there a better way?
\_Not really. Not quite sure what the problem is with people
directly accessing your https server vs. being linked over.
Since http is stateless, it could create potential problems
when users use the back/forward buttons on their browsers
I guess...
\_ it's not the statelessness, it's the not-wanting to write
absolute URLs, I think
\_ exactly, I'd rather not start sprinkling absolute URLs
throughout the site. -op
\_ I think the mod_rewrite cookbook page even has examples of doing
this with a suffix like :ssl --dbushong |