Forum
Your purchase of a synthetic or cotton shirt helps support 14ers.com. Thank you!

Other ways to help...

Secure Browsing on 14ers.com

Check here for updates to the forum and site.

Re: Secure Browsing on 14ers.com

Postby Bean » Wed Mar 16, 2011 3:58 pm

I'd prefer if it defaulted to whatever method you used last instead of defaulting to sans-SSL.

Site Administrator
User avatar
Posts: 7187
Joined: Sun Jul 25, 2004 7:34 pm
Location: Breckenridge, CO

Re: Secure Browsing on 14ers.com

Postby BillMiddlebrook » Wed Mar 16, 2011 4:21 pm

Hmm, that's a tricky one and may be better done by having an HTTP and/or HTTPS favorite link in your browser.

Since they are different URLs, it may be confusing if I use cookies to "force" the previous type of session for a users. Example: If you were visited the site securely and then clicked a link in your browser, I wouldn't want to force you to "httpS://www.14ers.com" just because you last visited the site securely.

Does that make sense?

Posts: 899
Joined: Wed May 03, 2006 8:21 pm
Location: Moab, UT

Re: Secure Browsing on 14ers.com

Postby kaiman » Thu Mar 17, 2011 4:28 pm

BillMiddlebrook wrote:Hmm, that's a tricky one and may be better done by having an HTTP and/or HTTPS favorite link in your browser.

Since they are different URLs, it may be confusing if I use cookies to "force" the previous type of session for a users. Example: If you were visited the site securely and then clicked a link in your browser, I wouldn't want to force you to "httpS://www.14ers.com" just because you last visited the site securely.

Does that make sense?


It seems to me rather then using cookies to force SSL session data on users that using .htaccess files and Apache's mod_rewrites to switch from HTTP to HTTPS on certain parts of 14ers.com by default (like the login and signup pages and maybe the forum pages) wouldn't be a bad thing. I haven't noticed any slowdown in the website speed while using SSL.

Just my 2 cents,

kaiman
"I want to keep the mountains clean of racism, religion and politics. In the mountains this should play no role."

- Joe Stettner

"I haven't climbed Everest, skied to the poles, or sailed single-handed around the world. The goals I set out to accomplish aren't easily measured or quantified by world records or "firsts." The reasons I climb, and the climbs I do, are about more than distance or altitude, they are about breaking barriers within myself."

- Andy Kirkpatrick

Site Administrator
User avatar
Posts: 7187
Joined: Sun Jul 25, 2004 7:34 pm
Location: Breckenridge, CO

Re: Secure Browsing on 14ers.com

Postby BillMiddlebrook » Thu Mar 17, 2011 4:42 pm

Good points. I think Bean was referring to the defaulting of the conn type based on the most previous visit, regardless of location on the site. I agree about forcing ssl in specific areas.

Previous

Who is online

Users browsing this forum: No registered users and 1 guest