This piece of code doesn't work; it's logging in into website which is using https protocol. How to solve this problem? The code stops at "GetRequestStream()" anytime anywhere saying that protocol violation exception is unhandled.. string username = "user"; string password = "pass"; HttpWebRequest request = (HttpWebRequest)WebRequest.Cr...
I'm trying to test my site in IE 6 using Microsoft's Win XP / IE 6 virtual machine image, but I'm unable to load any SSL site in either IE 6 or Firefox 2 inside of the virtual machine. Outside of the VM all sites load as expected, but inside it can't find the sites in either browser. Non-SSL sites load fine inside the VM. For example, t...
I have the following tag: <script type="text/javascript" src="https://cdn.example.com/js_file.js"></script> In this case the site is HTTPS, but the site may also be just HTTP. (The JS file is on another domain.) I'm wondering if it's valid to do the following for convenience sake: <script type="text/javascript" src="//cdn.ex...
So kind of very similar to "Detecting https requests in php": Want to have https://example.com/pog.php go to http://example.com/pog.php or even vice versa. Problems: Can't read anything from $_SERVER["HTTPS"] since it's not there Server is sending both requests over port 80, so can't check for 443 on the HTTPS version apache_request_...
Hello, recently received email from Authorize.net saying: During the week of March 16 - 20, 2009, Authorize.Net will be deprecating all legacy support for the SSL 2.0 protocol. Changes have recently been made to the Payment Card Industry Data Security Standard (PCI DSS) which have made the use of SSL 2.0 a PCI DSS viola...
I am developing a number of forms which should only be accessed via https. I have a dedicated server with its own cert and all the good stuff. So my question is two-fold really: 1). What's the best way to force every request to be https? Is there a better way than this .htacess/mod_rewrite rule: RewriteCond %{HTTPS} off RewriteRule (....
Hi all, I am connecting to a simple XML over HTTPS web service and getting a security exception. My question is whether you think the cause of this is the cert on the web server, so I should talk to the server admin or if my client code should be handling this. I would love to hear if anyone has encountered and solved this issue. Is the...
I read that a page which runs under an https connection cannot share an InProc Session (based on cookies) with another page (or the same for that matter) running under regular http. My site is running on Server 2003, IIS 6 and .Net 2.0. After some experiments it appears that a page which stores data in session while being connected thro...
I'm using curl and pycurl to connect to a secure 3rd party api and when I use pycurl I'm getting authentication errors back from the server, but when I use curl on the command line and do the same thing it works. I set both to verbose mode and am seeing some differences in the request, but I can't seem to figure out what the error is. T...
Newbie IIS question: I want to setup HTTPS access for my XHTML page (not asp.net) hosted on my IIS 6.0 server. So far I have done the following: In IIS Manager, for the particular folder, the following are set: Require secure channel (SSL) Require 128 bit encryption Ignore client certificates However when I try to access the page...
Hello All, I have moved the website BradPPresents.com to BradP.com. URLS ARE NOT SAFE FOR WORK The website links properly on HTTP but as soon as it uses HTTPS the links revert back to BradPPresents.com. I assumed this was a Joomla! configuration.php file but it has already been changed to BradP.com. Also, all instances that I can ...
I just moved my svn repository to a new server. Previously I was accessing my repository via svn://oldserver/yyy/zzz Now I want to access it via https://newserver:8443/svn/yyy/zzz I used switch --relocate to repoint my source tree and this seemed to work well. When I try to update the source I use: svn.exe update zzz --username myuser...
When I´m in a secure part of a web-site I´m developing (entering a specific page or folder using https), the relative links to the normal pages are automatically converted to https as well. Is there a way to tell an <a> tag to always use the http protocol instead of the https protocol (or the other way around)? I know it´s easy using t...
I'm interested in hearing what others do when, in a given application, some pages need to be secure and others don't. Take any solution off the table that requires a separate domain/subdomain. In this case, all calls, secure or insecure, will link to the same domain. I see a few options: The ham-fisted, just secure it all approach. A...
Hello All, I just moved my Joomla! website from BradPPresents.com to BradP.com. No Nude, but MAY NOT BE SFW Everything works properly on unsecured HTTP access; But as soon as the site changes to HTTPS: the BASE HREF reverts to the OLD url "BradPPresents.com". I've changed every instance of BradPPresents.com I can find, with no success...
I currently have a roll-your-own application security service that runs in my enterprise and is - for the most part - meeting business needs. The issue that I currently face is that the service has traditionally (naively) relied on the user's source IP remaining constant as a hedge against session hijacking - the web applications in the...
Hi, Is there any way to bundle a certificate in my application - and then use that to perform HTTP GET/POST using a NSURLRequest? I.e. the certificate should not be used for other HTTP traffic on the device, only by my application. Cheers ...
Response.Write("<script language=\"javascript\">window.open( with https and pdf What we do in a Asp.Net 1.1.4332 application is the following: a button triggers a server event that does some processing and puts the data in a session object after that the following code is executed : string page = Request.ApplicationPath + "/ApkRappor...
I'm setting up a webserver for a system that needs to be used only through HTTPS, on an internal network (no access from outside world) Right now I got it setup with a self-signed certificate, and it works fine, except for a nasty warning that all browsers fire up, as the CA authority used to sign it is naturally not trusted. Access is...
C# 3.0 ASP.Net 2.0 IIS6 I have a regular [non-https] page. There is the standard one ASP.Net form on the page. There are two "areas" of functionality on the page though. Login and "Get Quote". The login page needs to POST to HTTPS while the rest of the page [including the "other area"] form can't be HTTPS. In Java [JSP] and regul...