Hi,
I have a site built in codeigniter. We use short urls from our database & rewrite rules to redirect them to their full path.

For example,

RewriteRule ^secure-form$ form/contract/secure-form [L]

This works fine by itself. But I would like to use SSL on certain pages. I have edited the code so that if you go to one of these pages, all instances of http:// within the page are replaced with https:// but I need to rewrite the url to use it as well.

The pages all use the same template and all the content comes from the database so I can't just specify ssl on a particular directory.

The url's for the secure pages all start with 'secure' so I wrote the following rules and placed them above the other rewrites.

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} ^/secure/?.*$
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

RewriteCond %{HTTPS} on 
RewriteCond %{REQUEST_URI} !^/secure/?.*$
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [R=301,L]

RewriteRule ^secure-form$ form/contract/secure-form [L]
RewriteRule ^secure-different-form$ form/contract/secure-different-form [L]
all other rewrite rules for specific pages follow

then the default rewrite further down...

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]

The problem is that when I add the rules to change the protocol, it ends up displaying 'form/contract/secure-form' in the url instead of 'secure-form'.

This renders the actual form on the page broken since it uses that url to build itself.

If I take out the rules that change the protocol, it displays secure-form in the url as it should, but the page is not secure.

What am I doing wrong?