On Wed, 23 Mar 2005, David Lampkin wrote:
> Does the same problem happen with an IIS server, and ssl on standard not
> OWA pages?
Usually, but not as visible. The problem is that web servers at a number
of occations renders absolute URLs into the returned HTML or HTTP headers,
and as far as the web server knows it was requested using http:// not
https:// and the web server therefore uses http:// URLs in it's responses.
Absolute URLs can most often be seen in the following cases:
- Redirects, such as when you request a directory but forget the last /
after the directory name.
- CGI or other applications/scripts generating HTML responses with
absolute URLs to the server.
- WebDAV requests/responses
Redirects and WebDAV is hard to do anything about without help from the
web server manufacturer.
CGIs, scripts and static content should be changed to use relative URLs
where possible (absolute URL-paths is fine, but not full URLs including
protocol).
The custom "Front-End-Https: yes" header tells OWA that there is an
https->http gateway infront of OWA, telling OWA to use https:// URLs in
it's responses even if it was called using a http:// request (proxy->OWA).
Other applications may use other headers.
Regards
Henrik
Received on Wed Mar 23 2005 - 01:51:41 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:02 MST