• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: secure binding
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: secure binding

  • Subject: Re: secure binding
  • From: Cheong Hee Ng <email@hidden>
  • Date: Thu, 6 May 2010 01:07:57 +0800
i should have mentioned the request headers, not session headers.  Thanks.

On Wed, May 5, 2010 at 11:58 PM, Chuck Hill <email@hidden> wrote:

On May 5, 2010, at 1:32 AM, Cheong Hee wrote:

Just to ensure i don't pretend to understand well...
What are the headers of each page, you meant session headers or some attributes defined for secured pages?

The HTTP headers.  See context().request().headers()




You need to check the headers on each page that should be SSL  protected to ensure that access was from an https URL.  If not,  redirect to the https version or show an error message.  Otherwise,  yes, the  user could access the secure parts in an unencrypted manner.

Chuck


Cheers

Cheong Hee

--
Chuck Hill             Senior Consultant / VP Development

Practical WebObjects - for developers who want to increase their overall knowledge of WebObjects or who are trying to solve specific problems.
http://www.global-village.net/products/practical_webobjects








 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >secure binding (From: David Griffith <email@hidden>)
 >Re: secure binding (From: Chuck Hill <email@hidden>)
 >Re: secure binding (From: David Griffith <email@hidden>)
 >Re: secure binding (From: "Cheong Hee" <email@hidden>)
 >Re: secure binding (From: David Griffith <email@hidden>)
 >Re: secure binding (From: Cheong Hee Ng <email@hidden>)
 >Re: secure binding (From: Chuck Hill <email@hidden>)
 >Re: secure binding (From: "Cheong Hee" <email@hidden>)
 >Re: secure binding (From: Chuck Hill <email@hidden>)

  • Prev by Date: Re: WODirectConnectEnabled false resource paths problem
  • Next by Date: Re: REST Authentication
  • Previous by thread: Re: secure binding
  • Next by thread: Re: secure binding
  • Index(es):
    • Date
    • Thread