Any way to suppress security message

Forum Moderators: coopster

Message Too Old, No Replies

Any way to suppress security message

kknusa

8:16 pm on Jan 13, 2004 (gmt 0)

Hello guys

is there any way to suppress security messages while going in and out of https servers messages like
You are about to be redirected to a connection that is not secure... Do u wish to continue

dmorison

8:21 pm on Jan 13, 2004 (gmt 0)

Best thing to do is not to send a redirect response (301 or 302) from a secure page. You shouldn't do it anyway, which is why the browser brings the fact to the users' attention.

After doing your secure stuff; create a "Thank you" page (or whatever is applicable to your situation) on your secure server that has a plain old link to the non-secure site.

kknusa

9:12 pm on Jan 13, 2004 (gmt 0)

Ok that's a way to do it but in the original case where there is a redirect does there exist a way to suppress it.
MY Web has a login side on each page that makes the user login any time he wants and i want to redirect him to the same place he was

dmorison

9:14 pm on Jan 13, 2004 (gmt 0)

The security warning is a feature of the browser application, operating outside of the HTML or Document Object Model (DOM) over which you do have control.

I'm pretty confident there is no way to override the warning. Sorry!

jatar_k

9:17 pm on Jan 13, 2004 (gmt 0)

grab the referer using $_SERVER['HTTP_REFERER'] on the login form, if it exists, and then launch them back there after they are authenticated.

If the referer is blank just send them to a standard entrance point.

You could also use a new window for logging in and use js to refresh the parent window.

There are a bunch of ways to do it.

The only way to supress is if they check "do not show me this message again"

kknusa

9:32 pm on Jan 13, 2004 (gmt 0)

Ok JATAR_K i'm able to grab the $_SERVER['HTTP_REFERER'] u say launch them back after authentication what do u really mean by that?

Thanks again
for both of u guys

jatar_k

9:49 pm on Jan 13, 2004 (gmt 0)

I am not 100% sure I am understanding your question so, hopefully I am not confusing the issue.

MY Web has a login side on each page that makes the user login any time he wants and i want to redirect him to the same place he was

I assumed,

1. you have a link to the login on every page
2. user logs in
3. you want to send them back to the page they came from

if so, you grab the referer, test it to make sure it's from your site somewhere

Then you can use the header function to send them back to the same page they came from.

kknusa

10:33 pm on Jan 13, 2004 (gmt 0)

No i don't have a link i have a form where the user enters his username and password and this form when submitted goes to
h2tps://........
where the data is submitted and tested to server and then i want it to return back to the same page.

jatar_k

12:01 am on Jan 14, 2004 (gmt 0)

so have a hidden field in the form that contains the page they are on, $_SERVER['PHP_SELF']

then you can use that to send them back there. That's much better than the referer anyway.

kknusa

12:27 am on Jan 14, 2004 (gmt 0)

Yes JATAR_K that's what i do but this whole discussion was about how to avoid getting the security message the one that says ur going to a non secure environment which comes up when i do
Header("Location: h2tp://www.site......$page")
where $ page is the php_self
from the secure page