We are running our site at www.waynesavings.com on secure hosting
(Server 2003, IIS). We are using a custom 403.4 error page (called
403_4.asp, located under root) to redirect all users to https if they
come in on http. The site is also using an instant refresh on the
index.htm page under root to www.waynesavings.com/aboutus/home.htm due
to issues with the javascript menus used on the site.
The code we're using on the custom 403 page is this:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<%
If UCase(Request.ServerVariables("HTTPS")) = "OFF" Then
'''get page
sRedirect = "https://" & Request.ServerVariables("SERVER_NAME") &
Request.ServerVariables("PATH_INFO") & Request.Querystring
Response.Redirect sRedirect
End If
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1">
<title>Untitled Document</title>
</head>
<body>
</body>
</html>
It does the job just fine. However, if somebody has bookmarked a
non-secure page (e.g. http://www.waynesavings.com/rates/index.htm), it
will redirect the user NOT to the equivalent https page, but to the
secure home page instead.
Any input? If I can't get this solved, we'll just turn something bad
into something good and encourage people to rebookmark the respective
pages, but the perfectionist in me would like to see this solved.
Thanks!
