navigate from a regular page to a secured page

Hi all,

What is the best way to lead customer from a regular page to a secured page?
Regularly, we use absolute path. say first ,a customer is on this regular
page for general information: http://xxxdomain.com/index.html, then customer
decides to buy something from our site. Then our program will provide an
absolute path like this: https://xxxdomain.com/buy.asp.

Recently I am doing migration and feel that the absolute path is not
convenient for program migration and domain merge. So I am wodering if there
is any other way to do it? any suggestions and comments?
--
Betty

Re: navigate from a regular page to a secured page

"c676228" wrote in message
news:C0449E62-D96C-4C88-8F71-E17B7FF47CA4@microsoft.com...
> Hi all,
>
> What is the best way to lead customer from a regular page to a secured
page?
> Regularly, we use absolute path. say first ,a customer is on this regular
> page for general information: http://xxxdomain.com/index.html, then
customer
> decides to buy something from our site. Then our program will provide an
> absolute path like this: https://xxxdomain.com/buy.asp.
>
> Recently I am doing migration and feel that the absolute path is not
> convenient for program migration and domain merge. So I am wodering if
there
> is any other way to do it? any suggestions and comments?


Since the start of the path changes from http to https what the client uses
has to be an absolute path.

It's a little bit awkard to do this in a html file since it gets no help
server side.
If you had a default.asp instead of index.html then :-

Dim sSecureBase
sSecureBase = "https://" & Request.ServerVariables("SERVER_NAME")

>%




If you have a lot of HTML that you don't want to change then you could leave
buy.asp available as http://xxxdomain.com/buy.asp and use this code in the
top :-

If Request.ServerVariable("HTTPS") = "OFF" Then
'Channel not secure
Response.Redirect "https://" & _
Request.ServerVariables("SERVER_NAME") & _
Request.ServerVariables("UNENCODED_URL")
Response.End
End If

You place this code in its own .asp file then include it in all ASP pages
that should be secure.

--
Anthony Jones - MVP ASP/ASP.NET

Re: navigate from a regular page to a secured page

Hi Anthony,
Thank you so much for your response. I will take your second suggestion
since we have separated person to develop marketing content without any
knowledge about asp. With this piece of code, we can take care of any third
party agents who link to our sale processes using http.

Sincerely
--
Betty


"Anthony Jones" wrote:

> "c676228" wrote in message
> news:C0449E62-D96C-4C88-8F71-E17B7FF47CA4@microsoft.com...
> > Hi all,
> >
> > What is the best way to lead customer from a regular page to a secured
> page?
> > Regularly, we use absolute path. say first ,a customer is on this regular
> > page for general information: http://xxxdomain.com/index.html, then
> customer
> > decides to buy something from our site. Then our program will provide an
> > absolute path like this: https://xxxdomain.com/buy.asp.
> >
> > Recently I am doing migration and feel that the absolute path is not
> > convenient for program migration and domain merge. So I am wodering if
> there
> > is any other way to do it? any suggestions and comments?
>
>
> Since the start of the path changes from http to https what the client uses
> has to be an absolute path.
>
> It's a little bit awkard to do this in a html file since it gets no help
> server side.
> If you had a default.asp instead of index.html then :-
>
> Dim sSecureBase
> sSecureBase = "https://" & Request.ServerVariables("SERVER_NAME")
>
> >%
>
>
>
>
> If you have a lot of HTML that you don't want to change then you could leave
> buy.asp available as http://xxxdomain.com/buy.asp and use this code in the
> top :-
>
> If Request.ServerVariable("HTTPS") = "OFF" Then
> 'Channel not secure
> Response.Redirect "https://" & _
> Request.ServerVariables("SERVER_NAME") & _
> Request.ServerVariables("UNENCODED_URL")
> Response.End
> End If
>
> You place this code in its own .asp file then include it in all ASP pages
> that should be secure.
>
> --
> Anthony Jones - MVP ASP/ASP.NET
>
>
>