Secure Browsing on 14ers.com

Check here for updates to the forum and site.
User avatar
Bean
Posts: 2742
Joined: 11/2/2005
14er Checklist (29)
14ers Skied (28)
14ers in Winter (8)
13er Checklist (7)
Contact:

Re: Secure Browsing on 14ers.com

Postby Bean » Wed Mar 16, 2011 3:58 pm

I'd prefer if it defaulted to whatever method you used last instead of defaulting to sans-SSL.
"There are no hard 14ers, but some are easier than others." - Scott P
http://throughpolarizedeyes.com
User avatar
BillMiddlebrook
Site Administrator
Posts: 7535
Joined: 7/25/2004
14er Checklist (58)
14ers Skied (46)
14ers in Winter (21)
13er Checklist (161)
Contact:

Re: Secure Browsing on 14ers.com

Postby BillMiddlebrook » Wed Mar 16, 2011 4:21 pm

Hmm, that's a tricky one and may be better done by having an HTTP and/or HTTPS favorite link in your browser.

Since they are different URLs, it may be confusing if I use cookies to "force" the previous type of session for a users. Example: If you were visited the site securely and then clicked a link in your browser, I wouldn't want to force you to "httpS://www.14ers.com" just because you last visited the site securely.

Does that make sense?
kaiman
Posts: 1108
Joined: 5/3/2006
14er Checklist Not Entered

Re: Secure Browsing on 14ers.com

Postby kaiman » Thu Mar 17, 2011 4:28 pm

BillMiddlebrook wrote:Hmm, that's a tricky one and may be better done by having an HTTP and/or HTTPS favorite link in your browser.

Since they are different URLs, it may be confusing if I use cookies to "force" the previous type of session for a users. Example: If you were visited the site securely and then clicked a link in your browser, I wouldn't want to force you to "httpS://www.14ers.com" just because you last visited the site securely.

Does that make sense?


It seems to me rather then using cookies to force SSL session data on users that using .htaccess files and Apache's mod_rewrites to switch from HTTP to HTTPS on certain parts of 14ers.com by default (like the login and signup pages and maybe the forum pages) wouldn't be a bad thing. I haven't noticed any slowdown in the website speed while using SSL.

Just my 2 cents,

kaiman
"I want to keep the mountains clean of racism, religion and politics. In the mountains this should play no role."

- Joe Stettner

"I haven't climbed Everest, skied to the poles, or sailed single-handed around the world. The goals I set out to accomplish aren't easily measured or quantified by world records or "firsts." The reasons I climb, and the climbs I do, are about more than distance or altitude, they are about breaking barriers within myself."

- Andy Kirkpatrick
User avatar
BillMiddlebrook
Site Administrator
Posts: 7535
Joined: 7/25/2004
14er Checklist (58)
14ers Skied (46)
14ers in Winter (21)
13er Checklist (161)
Contact:

Re: Secure Browsing on 14ers.com

Postby BillMiddlebrook » Thu Mar 17, 2011 4:42 pm

Good points. I think Bean was referring to the defaulting of the conn type based on the most previous visit, regardless of location on the site. I agree about forcing ssl in specific areas.

Return to “14ers.com - Updates”

Who is online

Users browsing this forum: No registered users and 5 guests