Control SSL error page or detect capable SSL connection?

Is it possible to somehow redirect users to a cutom page if their
browsers/firewall do not support SSL? Almost like a customized 404
page?

We'd like to offer SSL form submits by default, but show a special page
if SSL is not possible for the user.

re: Control SSL error page or detect capable SSL connection?

>Is it possible to somehow redirect users to a cutom page if their[color=blue]
>browsers/firewall do not support SSL? Almost like a customized 404
>page?[/color]

If the user clicks on a https: URL and the browser does not
support SSL, it doesn't contact your server in any way so
you have no way to know it failed.

You might possibly get around this with trying to load a subframe from
a secure page with JavaScript, which is Turned Off (tm). Javascript
is more likely to be turned off than SSL.
[color=blue]
>We'd like to offer SSL form submits by default, but show a special page
>if SSL is not possible for the user.[/color]

You should provide the form via SSL (so the lock icon shows on the
page while the user is filling in the information). This also tests
that SSL works before the user spends time filling in the form and
then has it not work. You can provide a second link on the page
that leads TO the form, for use in case the first one doesn't work.

Gordon L. Burditt

re: Control SSL error page or detect capable SSL connection?

"Jan" <janoleolsen@hotmail.com> wrote in message
news:1141681474.213629.145370@j33g2000cwa.googlegr oups.com...[color=blue]
> Is it possible to somehow redirect users to a cutom page if their
> browsers/firewall do not support SSL? Almost like a customized 404
> page?
>
> We'd like to offer SSL form submits by default, but show a special page
> if SSL is not possible for the user.[/color]

Hi Jan,

From my knowledge with IIS I know this is possible from a server-side point
of view, though you have to cheat somewhat.

Within IIS Manager, locate the file/folder you require to be SSL enabled,
then go into file security - secure communications - edit and then tick
enable 'Require secured channel (SSL)'. Now viewing this page over a HTTP
connection will generate a 403 error message. Off the top of my head I
don't think you can do any kind of detection with this, as the error message
is generated from IIS before any pages are executed. By default this 403
error message is a typical one that Microsoft ship with IIS, plain white
background with the error:

"The page must be viewed over a secure channel
The page you are trying to access is secured with Secure Sockets Layer
(SSL).
blah blah blah"

Now, to redirect the user, simply create your own custom 403 error page that
contains redirect code (I prefer to use meta refresh as it's cleaner) and
using the 'Custom Errors' tab within the previous options in IIS, set the
default 403 error page to your new one.

Voila. Once people try and access your page using a non-secure connection
they'll get redirected to this new page.

This may not be useful to you if you intend to pass session variables and
the like, I really haven't tested it in much detail with PHP, but it may be
of some use to you.

Hope this helps,
Rich.