• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: WebObjects, just-in-time login and SSL
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WebObjects, just-in-time login and SSL


  • Subject: Re: WebObjects, just-in-time login and SSL
  • From: Ramsey Gurley <email@hidden>
  • Date: Fri, 15 Apr 2011 11:07:07 -0700

On Apr 14, 2011, at 2:52 PM, Mark Wardle wrote:

> Hi there.
>
> I now have a [almost] working system that checks a system property and
> conditionally forces the use of https for relevant resources.
>
> There is some hostname flakiness going on which messes with cookies
> (switching between localhost and Daisy.local) which is odd.
>
> The main reason why the hostname keeps getting changed in my use of
> ERXNavigationMenu and specifically the way it generates URLs for
> direct actions. These seem to insist on being full URLs (and hence
> change the hostname) although this somewhat depends on whether I'm
> switch from storing sessions in a cookie or URL. Whatever the case,
> despite the navigation buttons being rendered on a https page, the
> link goes to http://   I note any component actions simply use a
> relative URL and stay as https:// and exhibit no hostname flakiness.
>
> I'm ready the relevant wiki pages on SSL and specifically setting the
> hostname to localhost specifically in all the relevant configuration
> files.
>
> My naive assessment of this is that within
> ERXNavigationMenuItem.contextComponentActionURL()  should be fixed to
> default to the current setup:
>
> change
>
> return context().directActionURLForActionNamed(navigationItem().directActionName(),
> bindings);
>
> to
>
> return context().directActionURLForActionNamed(navigationItem().directActionName(),
> bindings, ERXRequest.isRequestSecure(context().request()), false);
>
>
> Or is this wrong?


For XHTML I believe it should escape the ampersands. Otherwise, that looks okay to me.

Ramsey


>
> Many thanks,
>
> Mark
>
> --
> Dr. Mark Wardle
> Specialist registrar, Neurology
> Cardiff, UK
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

  • Follow-Ups:
    • Re: WebObjects, just-in-time login and SSL
      • From: Mark Wardle <email@hidden>
References: 
 >WebObjects, just-in-time login and SSL (From: Mark Wardle <email@hidden>)

  • Prev by Date: Projects with space in their name
  • Next by Date: Re: WebObjects, just-in-time login and SSL
  • Previous by thread: Re: WebObjects, just-in-time login and SSL
  • Next by thread: Re: WebObjects, just-in-time login and SSL
  • Index(es):
    • Date
    • Thread