Forum
Buying gear? Please use these links to help 14ers.com:

More info...

Other ways to help...

Secure Browsing on 14ers.com

Check here for updates to the forum and site.

Re: Secure Browsing on 14ers.com

Postby Bean » Wed Mar 16, 2011 4:58 pm

I'd prefer if it defaulted to whatever method you used last instead of defaulting to sans-SSL.
gdthomas wrote:Bean, you're an idiot.

http://throughpolarizedeyes.com

Site Administrator
User avatar
Posts: 6368
Joined: Sun Jul 25, 2004 8:34 pm
Location: Breckenridge, CO

Re: Secure Browsing on 14ers.com

Postby BillMiddlebrook » Wed Mar 16, 2011 5:21 pm

Hmm, that's a tricky one and may be better done by having an HTTP and/or HTTPS favorite link in your browser.

Since they are different URLs, it may be confusing if I use cookies to "force" the previous type of session for a users. Example: If you were visited the site securely and then clicked a link in your browser, I wouldn't want to force you to "httpS://www.14ers.com" just because you last visited the site securely.

Does that make sense?
"There's no recess and no rules in the school of life" - D. Mustaine

Posts: 745
Joined: Wed May 03, 2006 9:21 pm
Location: Moab, UT/Glenwood Springs, CO

Re: Secure Browsing on 14ers.com

Postby kaiman » Thu Mar 17, 2011 5:28 pm

BillMiddlebrook wrote:Hmm, that's a tricky one and may be better done by having an HTTP and/or HTTPS favorite link in your browser.

Since they are different URLs, it may be confusing if I use cookies to "force" the previous type of session for a users. Example: If you were visited the site securely and then clicked a link in your browser, I wouldn't want to force you to "httpS://www.14ers.com" just because you last visited the site securely.

Does that make sense?


It seems to me rather then using cookies to force SSL session data on users that using .htaccess files and Apache's mod_rewrites to switch from HTTP to HTTPS on certain parts of 14ers.com by default (like the login and signup pages and maybe the forum pages) wouldn't be a bad thing. I haven't noticed any slowdown in the website speed while using SSL.

Just my 2 cents,

kaiman
"I want to keep the mountains clean of racism, religion and politics. In the mountains this should play no role."

- Joe Stettner

"Climb if you will, but remember that courage and strength are nought without prudence, and that a momentary negligence may destroy the happiness of a lifetime. Do nothing in haste; look well to each step; and from the beginning think what may be the end."

- Edward Whymper

Site Administrator
User avatar
Posts: 6368
Joined: Sun Jul 25, 2004 8:34 pm
Location: Breckenridge, CO

Re: Secure Browsing on 14ers.com

Postby BillMiddlebrook » Thu Mar 17, 2011 5:42 pm

Good points. I think Bean was referring to the defaulting of the conn type based on the most previous visit, regardless of location on the site. I agree about forcing ssl in specific areas.

Previous

Who is online

Users browsing this forum: No registered users and 2 guests