[nycphp-talk] Fix for IE Security Alert " You are about to be redirected to a connection that is not secure"
Cliff Hirsch
cliff at pinestream.com
Sat Jun 16 13:06:04 EDT 2007
On 6/16/07 12:15 PM, "Andy Dirnberger" <dirn at dirnonline.com> wrote:
> It looks like all the C# does is decode the URL of the page to which you
> want to redirect. The page then uses JavaScript (window.location.replace)
> to actually handle the redirect.
>
> You should be able to accomplish this with something like:
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> <?php
> $to = urldecode ($_GET ['to']);
> ?>
> <html xmlns="http://www.w3.org/1999/xhtml" >
> <head>
> <script type="text/javascript" language="javascript">
> <!--
> window.location.replace ("<?php echo $to; ?>");
> -->
> </script>
> <title></title>
> </head>
> <body></body>
> </html>
I finally analyzed the Yahoo login, and the above solution is very similar.
Here's how Yahoo does it -- very nice, multiple levels of fallback. The page
below is still https, so you don't get the IE https -> http warning.
<html>
<head>
<script language="JavaScript">
<!--
window.location.replace("http://finance.yahoo.com/");
// -->
</script>
<meta http-equiv="Refresh" content="0; url=http://finance.yahoo.com/">
</head>
<body>
If you are seeing this page, your browser settings prevent you
from automatically redirecting to a new URL.
<p>
Please <a href="http://finance.yahoo.com/">click here</a> to continue.
</body>
</html>
More information about the talk
mailing list