| Route/Link to an action works with http, but NOT with httpS (SSL!) [message #169810] |
Mon, 27 September 2010 13:57  |
DigitalDude
Messages: 7
Registered: September 2010
Karma: 0
|
Junior Member |
|
|
Hey,
in one of my apps I have a route to an action in controller 'admins'
which is called 'signup'. As you probably already get what this action
is doing, the normal route would be:
http://myapp/admins/signup
so I made a route for this in my routes.php and the route is now:
http://myapp/signup
which works really nice. When I click a link in an email or so the
route just works fine, calls the correct action and so on...
But when using SSL encryption on my production server, the route
becomes this:
https://myapp/signup
This should not be a problem, BUT from this point on, every call to
this route will be redirected to my login page (e.g. pages/home) and
only when clicking a link or calling the route by browser again I can
go to the signup page...
Does anyone have any idea WHY this is happening? Is this a problem
with SSL or do I have to add sth to my htaccess files or so?
I tested this very often, only when using https every link will be
redirected to the login-page before I call it another time. The second
time I call a route or click a link I get to the correct page, but at
first time, I always get redirected...
:(
|
|
|
|
| Re: Route/Link to an action works with http, but NOT with httpS (SSL!) [message #169812 is a reply to message #169810] |
Mon, 27 September 2010 14:23  |
The Natural Philosoph
Messages: 993
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
DigitalDude wrote:
> Hey,
>
> in one of my apps I have a route to an action in controller 'admins'
> which is called 'signup'. As you probably already get what this action
> is doing, the normal route would be:
>
> http://myapp/admins/signup
>
> so I made a route for this in my routes.php and the route is now:
>
> http://myapp/signup
>
> which works really nice. When I click a link in an email or so the
> route just works fine, calls the correct action and so on...
>
> But when using SSL encryption on my production server, the route
> becomes this:
>
> https://myapp/signup
>
> This should not be a problem, BUT from this point on, every call to
> this route will be redirected to my login page (e.g. pages/home) and
> only when clicking a link or calling the route by browser again I can
> go to the signup page...
>
> Does anyone have any idea WHY this is happening? Is this a problem
> with SSL or do I have to add sth to my htaccess files or so?
>
> I tested this very often, only when using https every link will be
> redirected to the login-page before I call it another time. The second
> time I call a route or click a link I get to the correct page, but at
> first time, I always get redirected...
>
> :(
There are inbuilt security issues with HTTPS: I cant remember what they
are, but cross links have issues..an HTTPS servers is considered a 'new'
server and authentication on an HTTP server will not necessarily carry
if you link to a secure server unless you use a cookie or I think POST
data.
It is not clear to me what exact authentication process you have there
anyway, or what this has to do with PHP either.
|
|
|
|
| Re: Route/Link to an action works with http, but NOT with httpS (SSL!) [message #169813 is a reply to message #169812] |
Mon, 27 September 2010 14:30 |
DigitalDude
Messages: 7
Registered: September 2010
Karma: 0
|
Junior Member |
|
|
Hey,
the page I'm linking to is a page that does not require a login in my
app, but is protected via SSL. When I type the main url in my browser
it calls "https://www.myapp.com", which is ok and correct.
But when I link to let's say "https://www.myapp.com/signup" and I have
NOT visited the page in my browser before, it will ALWAYS route me to
"https://www.myapp.com" and only when I click my link the second time,
it will be routing to "https://www.myapp.com/signup".
The funny thing is, when I try this an a machine WITHOUT SSL, e.g.
only http, everything is absolutely fine... How can this be..? Is a
direct link to a document on a server with ssl only permitted when a
session exists or what could be the problem here...?
|
|
|
|
| Re: Route/Link to an action works with http, but NOT with httpS (SSL!) [message #169815 is a reply to message #169813] |
Mon, 27 September 2010 15:19 |
The Natural Philosoph
Messages: 993
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
DigitalDude wrote:
> Hey,
>
>
> the page I'm linking to is a page that does not require a login in my
> app, but is protected via SSL. When I type the main url in my browser
> it calls "https://www.myapp.com", which is ok and correct.
>
> But when I link to let's say "https://www.myapp.com/signup" and I have
> NOT visited the page in my browser before, it will ALWAYS route me to
> "https://www.myapp.com" and only when I click my link the second time,
> it will be routing to "https://www.myapp.com/signup".
>
> The funny thing is, when I try this an a machine WITHOUT SSL, e.g.
> only http, everything is absolutely fine... How can this be..? Is a
> direct link to a document on a server with ssl only permitted when a
> session exists or what could be the problem here...?
No idea. Must be something particular to your authentication, cos it
works for me all the time..
|
|
|
|
| Re: Route/Link to an action works with http, but NOT with httpS (SSL!) [message #169816 is a reply to message #169813] |
Mon, 27 September 2010 15:19 |
Captain Paralytic
Messages: 204
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 27 Sep, 15:30, DigitalDude <e.blumsten...@googlemail.com> wrote:
> Hey,
>
> the page I'm linking to is a page that does not require a login in my
> app, but is protected via SSL. When I type the main url in my browser
> it calls "https://www.myapp.com", which is ok and correct.
>
> But when I link to let's say "https://www.myapp.com/signup" and I have
> NOT visited the page in my browser before, it will ALWAYS route me to
> "https://www.myapp.com" and only when I click my link the second time,
> it will be routing to "https://www.myapp.com/signup".
>
> The funny thing is, when I try this an a machine WITHOUT SSL, e.g.
> only http, everything is absolutely fine... How can this be..? Is a
> direct link to a document on a server with ssl only permitted when a
> session exists or what could be the problem here...?
Whatever the problem is, as TNP sais, it doesn't seem at this stage to
be related to php.
|
|
|
|
| Re: Route/Link to an action works with http, but NOT with httpS (SSL!) [message #169818 is a reply to message #169810] |
Mon, 27 September 2010 15:49 |
Jonathan Stein
Messages: 43
Registered: September 2010
Karma: 0
|
Member |
|
|
Den 27-09-2010 15:57, DigitalDude skrev:
> in one of my apps I have a route to an action in controller 'admins'
> which is called 'signup'. As you probably already get what this action
> is doing, the normal route would be:
Sounds like you are using some sort of framework (CakePHP?). Try to ask
your question in a forum dedicated to your framework.
As others have said, your problem is probably not related to PHP itself.
Regards
Jonathan
|
|
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]