Mod Rewrite a POST object file

POST a form to 3rd party, I want to hide them

iProgram

4:48 am on May 12, 2004 (gmt 0)

10+ Year Member



My website is www.abc.com/form.html
The 3rd-party website is [xyz.com...]
I can post a form to them and they return a param to my website:
<form method="post" action="https://www.xyz.com/save.cgi">
....
<input type="hidden" name="return_url" value="http://www.abc.com/return.php">
</form>

When the form is submitted, xyz.com/save.cgi will process the data and return a param to my website: [abc.com...]
It works very well.

Now I want to hide the action="https://www.xyz.com/save.cgi" in my website:

.htaccess
RewriteRule ^mysave.cgi$ [xyz.com...] [L]

<form method="post" action="mysave.cgi">
....
<input type="hidden" name="return_url" value="http://www.abc.com/return.php">
</form>

When the form is submitted, I could not return to abc.com/return.php; the URL in IE changed to [xyz.com...] instead. And the body of this page is result=ok.

It seems I should add some "flags" to the .htaccess file, or are there some other methods to hide the 3rd-party POST URL in my form?

jdMorgan

6:26 pm on May 14, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Since this is a redirect to an external domain, there is no way to "hide" it from the browser using a simple mod_rewrite directive. You might be able to set up a proxy server for the HTTPS site, but I don't know how.

Jim

gergoe

8:03 pm on May 14, 2004 (gmt 0)

10+ Year Member



If you could change the form method from POST to GET then it would work. The reason is that using POST, the content of the form is sent in the body of the message (or in a postdata header? I don't recall now), but this part of the request will get lost using mod_rewrite with external redirects/rewrites. By using the GET method, the content of your form is sent in the query_string, which can be forwarded to the external server by these modules. If you can't change the form for some reason (security considerations, for example), then I don't think you have any options left, except a simple frameset in your HTML page(s).

gergoe

8:08 pm on May 14, 2004 (gmt 0)

10+ Year Member



jdMorgan, as far as I know enabling mod_proxy in the main Apache conf is enough for this; for a normal HTTP connection that is for sure, but I think for SSL-encrypted connections also. Well, I never tried it (a very extreme situation indeed), but it sounds like something that is possible.

gergoe

8:12 pm on May 14, 2004 (gmt 0)

10+ Year Member



By the way, what's the purpose of the save.cgi?
If it is some sort of page which processes confidential information (bank card nr, personal details, etc.), then I don't think you should use an HTTP (non-encrypted) connection for transmitting your form (not even to your server), so I suggest you use a frameset if you really want to hide the fact that it is not on your site (well, but in this case curious people can check the SSL certificate of the remote site, where they can see at once where they really are).

iProgram

1:01 am on May 15, 2004 (gmt 0)

10+ Year Member



Hi, I already found the answer to this question.
PHP can send an HTTP POST header using a socket to that CGI. If you want to verify your form before posting to the 3rd-party webpage, and get the output of that webpage, you may take a look at this:
[php.net...]
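
Added example, not part of the thread: a sketch of the server-side relay described in the last post, written so the relay cannot be pointed at other hosts and the return URL cannot be forged. The handler name mysave.php and the form field names are hypothetical; the two URLs and the "result=ok" body are the ones quoted in the thread, and the code assumes PHP 7.1+ with the openssl extension and allow_url_fopen enabled.

```php
<?php
// mysave.php: hypothetical handler on abc.com that the form posts to instead of xyz.com.
// Added example; the form field names below are assumptions.

const UPSTREAM   = 'https://www.xyz.com/save.cgi';   // fixed server-side, never read from the request
const RETURN_URL = 'http://www.abc.com/return.php';  // fixed, so a tampered return_url field is ignored
const ALLOWED    = ['name', 'email', 'comment'];     // assumed form fields

function build_payload(array $post): array
{
    // Forward only expected string fields of bounded size; drop everything else.
    $out = [];
    foreach (ALLOWED as $key) {
        if (isset($post[$key]) && is_string($post[$key]) && strlen($post[$key]) <= 2000) {
            $out[$key] = $post[$key];
        }
    }
    $out['return_url'] = RETURN_URL;
    return $out;
}

function relay(array $payload): ?string
{
    $ctx = stream_context_create([
        'http' => [
            'method'          => 'POST',
            'header'          => "Content-Type: application/x-www-form-urlencoded\r\n",
            'content'         => http_build_query($payload),
            'timeout'         => 10,
            'follow_location' => 0,    // do not follow redirects to other hosts
            'ignore_errors'   => true, // still read the body on 4xx/5xx
        ],
        // Verify the third party's certificate and host name before sending form data.
        'ssl' => ['verify_peer' => true, 'verify_peer_name' => true],
    ]);
    $body = @file_get_contents(UPSTREAM, false, $ctx);
    return $body === false ? null : $body;
}

if (PHP_SAPI !== 'cli' && ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $body = relay(build_payload($_POST));
    // Compare strictly against the expected reply; never echo the raw upstream body.
    $ok = $body !== null && trim($body) === 'result=ok';
    header('Location: ' . RETURN_URL . '?result=' . ($ok ? 'ok' : 'error'), true, 303);
    exit;
}
```

Because the visitor now submits to abc.com, the point raised earlier in the thread about unencrypted transport applies to this hop as well: the form page and mysave.php need to be served over HTTPS if the fields are sensitive.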